package org.restheart.mongodb.handlers;

import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.Headers;
import io.undertow.util.HttpString;
import org.restheart.handlers.PipelinedHandler;

/* loaded from: input_file:org/restheart/mongodb/handlers/CORSHandler.class */
public class CORSHandler extends PipelinedHandler {
    public static final String ALL_ORIGINS = "*";
    private final HttpHandler noPipedNext;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/restheart/mongodb/handlers/CORSHandler$CORSHeaders.class */
    public interface CORSHeaders {
        public static final HttpString ACCESS_CONTROL_EXPOSE_HEADERS = HttpString.tryFromString("Access-Control-Expose-Headers");
        public static final HttpString ACCESS_CONTROL_ALLOW_CREDENTIAL = HttpString.tryFromString("Access-Control-Allow-Credentials");
        public static final HttpString ACCESS_CONTROL_ALLOW_ORIGIN = HttpString.tryFromString("Access-Control-Allow-Origin");
    }

    public CORSHandler() {
        this((PipelinedHandler) null);
    }

    public CORSHandler(PipelinedHandler pipelinedHandler) {
        super(pipelinedHandler);
        this.noPipedNext = null;
    }

    public CORSHandler(HttpHandler httpHandler) {
        super((PipelinedHandler) null);
        this.noPipedNext = httpHandler;
    }

    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        HeadersManager headersManager = new HeadersManager(httpServerExchange);
        injectXPBHeader(headersManager);
        injectAccessControlAllowHeaders(headersManager);
        if (this.noPipedNext != null) {
            this.noPipedNext.handleRequest(httpServerExchange);
        } else {
            next(httpServerExchange);
        }
    }

    private void injectXPBHeader(HeadersManager headersManager) {
        headersManager.addResponseHeader(HttpString.tryFromString("X-Powered-By"), "restheart.org");
    }

    private void injectAccessControlAllowHeaders(HeadersManager headersManager) {
        if (headersManager.isRequestHeaderSet(Headers.ORIGIN)) {
            headersManager.addResponseHeader(CORSHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, headersManager.getRequestHeader(Headers.ORIGIN).getFirst());
        } else {
            headersManager.addResponseHeader(CORSHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, ALL_ORIGINS);
        }
        headersManager.addResponseHeader(CORSHeaders.ACCESS_CONTROL_ALLOW_CREDENTIAL, Boolean.TRUE);
        headersManager.addResponseHeader(CORSHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "Location");
        headersManager.addResponseHeader(CORSHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "Location, " + String.valueOf(Headers.ETAG) + ", X-Powered-By");
    }
}
