package cn.dreampie.route.handler.cors;

import cn.dreampie.common.http.HttpRequest;
import cn.dreampie.common.http.HttpResponse;
import cn.dreampie.common.http.exception.WebException;
import cn.dreampie.common.http.result.HttpStatus;
import cn.dreampie.common.util.Joiner;
import cn.dreampie.common.util.Lister;
import cn.dreampie.log.Logger;
import cn.dreampie.route.handler.Handler;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:cn/dreampie/route/handler/cors/CORSHandler.class */
public class CORSHandler extends Handler {
    public static final String ACCESS_CONTROL_REQUEST_METHOD_HEADER = "Access-Control-Request-Method";
    public static final String ACCESS_CONTROL_REQUEST_HEADERS_HEADER = "Access-Control-Request-Headers";
    public static final String ACCESS_CONTROL_ALLOW_ORIGIN_HEADER = "Access-Control-Allow-Origin";
    public static final String ACCESS_CONTROL_ALLOW_METHODS_HEADER = "Access-Control-Allow-Methods";
    public static final String ACCESS_CONTROL_ALLOW_HEADERS_HEADER = "Access-Control-Allow-Headers";
    public static final String ACCESS_CONTROL_MAX_AGE_HEADER = "Access-Control-Max-Age";
    public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER = "Access-Control-Allow-Credentials";
    public static final String ACCESS_CONTROL_EXPOSE_HEADERS_HEADER = "Access-Control-Expose-Headers";
    private static final String ORIGIN_HEADER = "Origin";
    private boolean anyOriginAllowed;
    private boolean anyHeadersAllowed;
    private List<String> allowedOrigins;
    private List<String> allowedMethods;
    private List<String> allowedHeaders;
    private List<String> exposedHeaders;
    private int preflightMaxAge;
    private boolean allowCredentials;
    private boolean chainPreflight;
    private static final Logger logger = Logger.getLogger(CORSHandler.class);
    private static final List<String> SIMPLE_HTTP_METHODS = Lister.of(new Object[]{"GET", "POST", "HEAD"});

    public CORSHandler() {
        this.anyOriginAllowed = true;
        this.anyHeadersAllowed = false;
        this.allowedOrigins = Lister.of(new Object[]{"*"});
        this.allowedMethods = Lister.of(new Object[]{"GET", "POST", "HEAD"});
        this.allowedHeaders = Lister.of(new Object[]{"X-Requested-With", "Content-Type", "Accept", ORIGIN_HEADER});
        this.exposedHeaders = null;
        this.preflightMaxAge = 1800;
        this.allowCredentials = true;
        this.chainPreflight = true;
    }

    public CORSHandler(String str) {
        this(null, str, null);
    }

    public CORSHandler(String str, String str2) {
        this(null, str, str2);
    }

    public CORSHandler(String str, String str2, String str3) {
        this(str, str2, str3, null);
    }

    public CORSHandler(String str, String str2, String str3, String str4) {
        this.anyOriginAllowed = true;
        this.anyHeadersAllowed = false;
        this.allowedOrigins = Lister.of(new Object[]{"*"});
        this.allowedMethods = Lister.of(new Object[]{"GET", "POST", "HEAD"});
        this.allowedHeaders = Lister.of(new Object[]{"X-Requested-With", "Content-Type", "Accept", ORIGIN_HEADER});
        this.exposedHeaders = null;
        this.preflightMaxAge = 1800;
        this.allowCredentials = true;
        this.chainPreflight = true;
        if (str != null) {
            this.allowedOrigins = Lister.of(str.split(","));
        }
        if (str2 != null) {
            this.allowedMethods = Lister.of(str2.split(","));
        }
        if (str3 != null) {
            this.allowedHeaders = Lister.of(str3.split(","));
        }
        if (str4 != null) {
            this.exposedHeaders = Lister.of(str4.split(","));
        }
    }

    @Override // cn.dreampie.route.handler.Handler
    public final void handle(HttpRequest httpRequest, HttpResponse httpResponse, boolean[] zArr) {
        String header = httpRequest.getHeader(ORIGIN_HEADER);
        if (header != null && isEnabled(httpRequest)) {
            if (!originMatches(header)) {
                logger.debug("Cross-origin request to " + httpRequest.getRestPath() + " with origin " + header + " does not match allowed origins " + this.allowedOrigins);
            } else if (isSimpleRequest(httpRequest)) {
                logger.debug("Cross-origin request to %s is a simple cross-origin request", new Object[]{httpRequest.getRestPath()});
                handleSimpleResponse(httpRequest, httpResponse, header);
            } else if (isPreflightRequest(httpRequest)) {
                logger.debug("Cross-origin request to %s is a preflight cross-origin request", new Object[]{httpRequest.getRestPath()});
                handlePreflightResponse(httpRequest, httpResponse, header);
                if (!this.chainPreflight) {
                    throw new WebException(HttpStatus.FORBIDDEN, "Unauthorized CORS request");
                }
                logger.debug("Preflight cross-origin request to %s forwarded to application", new Object[]{httpRequest.getRestPath()});
            } else {
                logger.debug("Cross-origin request to %s is a non-simple cross-origin request", new Object[]{httpRequest.getRestPath()});
                handleSimpleResponse(httpRequest, httpResponse, header);
            }
        }
        this.nextHandler.handle(httpRequest, httpResponse, zArr);
    }

    protected boolean isEnabled(HttpRequest httpRequest) {
        Enumeration headers = httpRequest.getHeaders("Connection");
        while (headers.hasMoreElements()) {
            if ("Upgrade".equalsIgnoreCase((String) headers.nextElement())) {
                Enumeration headers2 = httpRequest.getHeaders("Upgrade");
                while (headers2.hasMoreElements()) {
                    if ("WebSocket".equalsIgnoreCase((String) headers2.nextElement())) {
                        return false;
                    }
                }
            }
        }
        return true;
    }

    private boolean originMatches(String str) {
        if (this.anyOriginAllowed) {
            return true;
        }
        if (str.trim().length() == 0) {
            return false;
        }
        for (String str2 : str.split(" ")) {
            if (str2.trim().length() != 0) {
                for (String str3 : this.allowedOrigins) {
                    if (str3.contains("*")) {
                        if (createMatcher(str2, str3).matches()) {
                            return true;
                        }
                    } else if (str3.equals(str2)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private Matcher createMatcher(String str, String str2) {
        return Pattern.compile(parseAllowedWildcardOriginToRegex(str2)).matcher(str);
    }

    private String parseAllowedWildcardOriginToRegex(String str) {
        return str.replace(".", "\\.").replace("*", ".*");
    }

    private boolean isSimpleRequest(HttpRequest httpRequest) {
        return SIMPLE_HTTP_METHODS.contains(httpRequest.getHttpMethod()) && httpRequest.getHeader(ACCESS_CONTROL_REQUEST_METHOD_HEADER) == null;
    }

    private boolean isPreflightRequest(HttpRequest httpRequest) {
        return "OPTIONS".equalsIgnoreCase(httpRequest.getHttpMethod()) || httpRequest.getHeader(ACCESS_CONTROL_REQUEST_METHOD_HEADER) != null;
    }

    private void handleSimpleResponse(HttpRequest httpRequest, HttpResponse httpResponse, String str) {
        httpResponse.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, str);
        if (!this.anyOriginAllowed) {
            httpResponse.addHeader("Vary", ORIGIN_HEADER);
        }
        if (this.allowCredentials) {
            httpResponse.setHeader(ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER, "true");
        }
        if (this.exposedHeaders == null || this.exposedHeaders.isEmpty()) {
            return;
        }
        httpResponse.setHeader(ACCESS_CONTROL_EXPOSE_HEADERS_HEADER, Joiner.on(",").join(this.exposedHeaders));
    }

    private void handlePreflightResponse(HttpRequest httpRequest, HttpResponse httpResponse, String str) {
        if (isMethodAllowed(httpRequest)) {
            List<String> accessControlRequestHeaders = getAccessControlRequestHeaders(httpRequest);
            if (areHeadersAllowed(accessControlRequestHeaders)) {
                httpResponse.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, str);
                if (!this.anyOriginAllowed) {
                    httpResponse.addHeader("Vary", ORIGIN_HEADER);
                }
                if (this.allowCredentials) {
                    httpResponse.setHeader(ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER, "true");
                }
                if (this.preflightMaxAge > 0) {
                    httpResponse.setHeader(ACCESS_CONTROL_MAX_AGE_HEADER, String.valueOf(this.preflightMaxAge));
                }
                httpResponse.setHeader(ACCESS_CONTROL_ALLOW_METHODS_HEADER, Joiner.on(",").join(this.allowedMethods));
                if (this.anyHeadersAllowed) {
                    httpResponse.setHeader(ACCESS_CONTROL_ALLOW_HEADERS_HEADER, Joiner.on(",").join(accessControlRequestHeaders));
                } else {
                    httpResponse.setHeader(ACCESS_CONTROL_ALLOW_HEADERS_HEADER, Joiner.on(",").join(this.allowedHeaders));
                }
            }
        }
    }

    private boolean isMethodAllowed(HttpRequest httpRequest) {
        String header = httpRequest.getHeader(ACCESS_CONTROL_REQUEST_METHOD_HEADER);
        logger.debug("%s is %s", new Object[]{ACCESS_CONTROL_REQUEST_METHOD_HEADER, header});
        boolean z = false;
        if (header != null) {
            z = this.allowedMethods.contains(header);
        }
        logger.debug("Method %s is" + (z ? "" : " not") + " among allowed methods %s", new Object[]{header, this.allowedMethods});
        return z;
    }

    List<String> getAccessControlRequestHeaders(HttpRequest httpRequest) {
        String header = httpRequest.getHeader(ACCESS_CONTROL_REQUEST_HEADERS_HEADER);
        logger.debug("%s is %s", new Object[]{ACCESS_CONTROL_REQUEST_HEADERS_HEADER, header});
        if (header == null) {
            return Lister.of(new Object[0]);
        }
        List<String> of = Lister.of(new Object[0]);
        for (String str : header.split(",")) {
            String trim = str.trim();
            if (trim.length() > 0) {
                of.add(trim);
            }
        }
        return of;
    }

    private boolean areHeadersAllowed(List<String> list) {
        if (this.anyHeadersAllowed) {
            logger.debug("Any header is allowed");
            return true;
        }
        boolean z = true;
        Iterator<String> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String next = it.next();
            boolean z2 = false;
            Iterator<String> it2 = this.allowedHeaders.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                if (next.equalsIgnoreCase(it2.next().trim())) {
                    z2 = true;
                    break;
                }
            }
            if (!z2) {
                z = false;
                break;
            }
        }
        logger.debug("Headers [%s] are" + (z ? "" : " not") + " among allowed headers %s", new Object[]{list, this.allowedHeaders});
        return z;
    }

    public List<String> getAllowedOrigins() {
        return this.allowedOrigins;
    }

    public void setAllowedOrigins(String... strArr) {
        if (strArr.length == 1 && strArr[0].equals("*")) {
            this.anyOriginAllowed = true;
        }
        this.allowedOrigins = Lister.of(strArr);
    }

    public List<String> getAllowedMethods() {
        return this.allowedMethods;
    }

    public void setAllowedMethods(String... strArr) {
        this.allowedMethods = Lister.of(strArr);
    }

    public List<String> getAllowedHeaders() {
        return this.allowedHeaders;
    }

    public void setAllowedHeaders(String... strArr) {
        if (strArr.length == 1 && strArr[0].equals("*")) {
            this.anyHeadersAllowed = true;
        }
        this.allowedHeaders = Lister.of(strArr);
    }

    public List<String> getExposedHeaders() {
        return this.exposedHeaders;
    }

    public void setExposedHeaders(String... strArr) {
        this.exposedHeaders = Lister.of(strArr);
    }

    public int getPreflightMaxAge() {
        return this.preflightMaxAge;
    }

    public void setPreflightMaxAge(int i) {
        this.preflightMaxAge = i;
    }

    public boolean isAllowCredentials() {
        return this.allowCredentials;
    }

    public void setAllowCredentials(boolean z) {
        this.allowCredentials = z;
    }

    public boolean isChainPreflight() {
        return this.chainPreflight;
    }

    public void setChainPreflight(boolean z) {
        this.chainPreflight = z;
    }
}
