package org.restcomm.connect.http.cors;

import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;
import java.io.File;
import javax.servlet.ServletContext;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Context;
import javax.ws.rs.ext.Provider;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.configuration.XMLConfiguration;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.jboss.system.pm.XMLAttributePersistenceManager;
import org.restcomm.connect.commons.configuration.sets.impl.RcmlserverConfigurationSetImpl;
import org.restcomm.connect.commons.configuration.sources.ApacheConfigurationSource;

@Provider
/* loaded from: input_file:WEB-INF/lib/restcomm-connect.http-8.2.0.1260.jar:org/restcomm/connect/http/cors/CorsFilter.class */
public class CorsFilter implements ContainerResponseFilter {
    private final Logger logger = Logger.getLogger(CorsFilter.class);

    @Context
    private HttpServletRequest servletRequest;
    private ServletContext lazyServletContext;
    String allowedOrigin;

    @Override // com.sun.jersey.spi.container.ContainerResponseFilter
    public ContainerResponse filter(ContainerRequest containerRequest, ContainerResponse containerResponse) {
        initLazily(this.servletRequest);
        String headerValue = containerRequest.getHeaderValue("Origin");
        if (headerValue != null && this.allowedOrigin != null && this.allowedOrigin.startsWith(headerValue)) {
            containerResponse.getHttpHeaders().add("Access-Control-Allow-Origin", headerValue);
            containerResponse.getHttpHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization");
            containerResponse.getHttpHeaders().add("Access-Control-Allow-Credentials", XMLAttributePersistenceManager.AL_TRUE_VALUE);
            containerResponse.getHttpHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
            containerResponse.getHttpHeaders().add("Access-Control-Max-Age", "1209600");
        }
        return containerResponse;
    }

    private void initLazily(ServletRequest servletRequest) {
        if (this.lazyServletContext == null) {
            ServletContext servletContext = servletRequest.getServletContext();
            String str = StringUtils.stripEnd(servletContext.getRealPath("/"), "/") + "/WEB-INF/conf/restcomm.xml";
            new File(str);
            XMLConfiguration xMLConfiguration = new XMLConfiguration();
            xMLConfiguration.setDelimiterParsingDisabled(true);
            xMLConfiguration.setAttributeSplittingDisabled(true);
            try {
                xMLConfiguration.load(str);
            } catch (ConfigurationException e) {
                e.printStackTrace();
            }
            String baseUrl = new RcmlserverConfigurationSetImpl(new ApacheConfigurationSource(xMLConfiguration)).getBaseUrl();
            if (baseUrl != null && !baseUrl.trim().equals("")) {
                this.allowedOrigin = baseUrl;
            }
            this.lazyServletContext = servletContext;
            this.logger.info("Initialized (lazily) CORS servlet response filter. allowedOrigin: " + this.allowedOrigin);
        }
    }
}
