package io.rxmicro.rest.server.detail.component;

import io.rxmicro.common.ImpossibleException;
import io.rxmicro.http.error.ValidationException;
import io.rxmicro.rest.model.HttpMethod;
import io.rxmicro.rest.model.PathVariableMapping;
import io.rxmicro.rest.server.detail.model.CrossOriginResourceSharingResource;
import io.rxmicro.rest.server.detail.model.HttpRequest;
import io.rxmicro.rest.server.detail.model.HttpResponse;
import io.rxmicro.rest.server.detail.model.Registration;
import io.rxmicro.rest.server.detail.model.mapping.ExactUrlRequestMappingRule;
import io.rxmicro.rest.server.detail.model.mapping.RequestMappingRule;
import io.rxmicro.rest.server.detail.model.mapping.WithUrlPathVariablesRequestMappingRule;
import io.rxmicro.rest.server.local.component.PathMatcher;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import java.util.function.BiFunction;
import java.util.function.Function;
import java.util.stream.Collectors;

/* loaded from: input_file:io/rxmicro/rest/server/detail/component/CrossOriginResourceSharingPreflightRestController.class */
public final class CrossOriginResourceSharingPreflightRestController extends AbstractRestController {
    private final Map<String, CrossOriginResourceSharingResource> exactUrlMapping;
    private final List<CrossOriginResourceSharingResource> urlTemplateMapping;

    public CrossOriginResourceSharingPreflightRestController(Set<CrossOriginResourceSharingResource> set) {
        this.exactUrlMapping = (Map) set.stream().filter(crossOriginResourceSharingResource -> {
            return !crossOriginResourceSharingResource.isUrlSegmentsPresent();
        }).collect(Collectors.toUnmodifiableMap((v0) -> {
            return v0.getUri();
        }, Function.identity()));
        this.urlTemplateMapping = (List) set.stream().filter((v0) -> {
            return v0.isUrlSegmentsPresent();
        }).collect(Collectors.toUnmodifiableList());
    }

    @Override // io.rxmicro.rest.server.detail.component.AbstractRestController
    public void register(RestControllerRegistrar restControllerRegistrar) {
        List of = List.of(PathVariableMapping.class, HttpRequest.class);
        restControllerRegistrar.register(this, new Registration("", "handle", (List<Class<?>>) of, (BiFunction<PathVariableMapping, HttpRequest, CompletionStage<HttpResponse>>) (pathVariableMapping, httpRequest) -> {
            return handle(httpRequest);
        }, false, (List<RequestMappingRule>) this.exactUrlMapping.keySet().stream().map(str -> {
            return new ExactUrlRequestMappingRule(HttpMethod.OPTIONS.name(), str, false);
        }).collect(Collectors.toList())), new Registration("", "handle", (List<Class<?>>) of, (BiFunction<PathVariableMapping, HttpRequest, CompletionStage<HttpResponse>>) (pathVariableMapping2, httpRequest2) -> {
            return handle(httpRequest2);
        }, false, (List<RequestMappingRule>) this.urlTemplateMapping.stream().map(crossOriginResourceSharingResource -> {
            return new WithUrlPathVariablesRequestMappingRule(HttpMethod.OPTIONS.name(), crossOriginResourceSharingResource.getUrlSegments(), false);
        }).collect(Collectors.toList())));
    }

    @Override // io.rxmicro.rest.server.internal.BaseRestController
    public Class<?> getRestControllerClass() {
        return CrossOriginResourceSharingPreflightRestController.class;
    }

    private CompletionStage<HttpResponse> handle(HttpRequest httpRequest) {
        String value = httpRequest.getHeaders().getValue("Origin");
        validateOrigin(value);
        CrossOriginResourceSharingResource resource = getResource(httpRequest);
        validateAccessControlRequestMethod(httpRequest, resource);
        validateAccessControlRequestHeaders(httpRequest, resource);
        HttpResponse build = this.httpResponseBuilder.build();
        setCORSHeaders(value, resource, build);
        return CompletableFuture.completedStage(build);
    }

    private CrossOriginResourceSharingResource getResource(HttpRequest httpRequest) {
        String uri = httpRequest.getUri();
        CrossOriginResourceSharingResource crossOriginResourceSharingResource = this.exactUrlMapping.get(uri);
        if (crossOriginResourceSharingResource != null) {
            return crossOriginResourceSharingResource;
        }
        for (CrossOriginResourceSharingResource crossOriginResourceSharingResource2 : this.urlTemplateMapping) {
            if (new PathMatcher(crossOriginResourceSharingResource2.getUrlSegments()).matches(uri).matches()) {
                return crossOriginResourceSharingResource2;
            }
        }
        throw new ImpossibleException("CrossOriginResourceSharingResource must be found", new Object[0]);
    }

    private void validateOrigin(String str) {
        if (str == null) {
            throw new ValidationException("Not a valid preflight request: Missing '?' header", new Object[]{"Origin"});
        }
    }

    private void validateAccessControlRequestMethod(HttpRequest httpRequest, CrossOriginResourceSharingResource crossOriginResourceSharingResource) {
        String value = httpRequest.getHeaders().getValue("Access-Control-Request-Method");
        if (value == null) {
            throw new ValidationException("Not a valid preflight request: Missing '?' header", new Object[]{"Access-Control-Request-Method"});
        }
        if (!crossOriginResourceSharingResource.getAllowMethods().contains(value)) {
            throw new ValidationException("Not a valid preflight request: Method '?' not supported. Allowed methods are: {?}", new Object[]{value, crossOriginResourceSharingResource.getAllowMethodsCommaSeparated()});
        }
    }

    private void validateAccessControlRequestHeaders(HttpRequest httpRequest, CrossOriginResourceSharingResource crossOriginResourceSharingResource) {
        String value = httpRequest.getHeaders().getValue("Access-Control-Request-Headers");
        if (value != null && Arrays.stream(value.split(",")).map(str -> {
            return str.trim().toLowerCase(Locale.ENGLISH);
        }).noneMatch(str2 -> {
            return crossOriginResourceSharingResource.getAllowHeaders().contains(str2) || crossOriginResourceSharingResource.getExposedHeaders().contains(str2);
        })) {
            throw new ValidationException("Not a valid preflight request: Header(s) {?} not supported. Allowed header(s): {?}", new Object[]{value, crossOriginResourceSharingResource.getAllHeadersCommaSeparated().orElse("<none>")});
        }
    }

    private void setCORSHeaders(String str, CrossOriginResourceSharingResource crossOriginResourceSharingResource, HttpResponse httpResponse) {
        if (crossOriginResourceSharingResource.getAllowOrigins().contains(str)) {
            httpResponse.setHeader("Access-Control-Allow-Origin", str);
        } else {
            httpResponse.setHeader("Access-Control-Allow-Origin", crossOriginResourceSharingResource.getFirstOrigin());
        }
        httpResponse.setHeader("Vary", "Origin");
        httpResponse.setHeader("Access-Control-Allow-Methods", crossOriginResourceSharingResource.getAllowMethodsCommaSeparated());
        crossOriginResourceSharingResource.getAllHeadersCommaSeparated().ifPresent(str2 -> {
            httpResponse.setHeader("Access-Control-Allow-Headers", str2);
        });
        if (crossOriginResourceSharingResource.isAccessControlAllowCredentials()) {
            httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
        }
        httpResponse.setHeader("Access-Control-Max-Age", Integer.valueOf(crossOriginResourceSharingResource.getAccessControlMaxAge()));
        httpResponse.setHeader("Content-Length", (Object) 0);
    }
}
