package com.truthbean.debbie.mvc.filter;

import com.truthbean.Logger;
import com.truthbean.LoggerFactory;
import com.truthbean.debbie.mvc.MvcConfiguration;
import com.truthbean.debbie.mvc.request.HttpHeader;
import com.truthbean.debbie.mvc.request.HttpMethod;
import com.truthbean.debbie.mvc.request.RouterRequest;
import com.truthbean.debbie.mvc.response.HttpStatus;
import com.truthbean.debbie.mvc.response.RouterResponse;
import java.io.Closeable;
import java.io.IOException;
import java.util.Map;
import java.util.Objects;

/* loaded from: input_file:com/truthbean/debbie/mvc/filter/CorsFilter.class */
public class CorsFilter implements RouterFilter, Closeable {
    private MvcConfiguration configuration;
    private final ThreadLocal<Boolean> doCors = new ThreadLocal<>();
    private static final Logger LOGGER = LoggerFactory.getLogger(CorsFilter.class);

    @Override // com.truthbean.debbie.mvc.filter.RouterFilter
    public CorsFilter setMvcConfiguration(MvcConfiguration mvcConfiguration) {
        this.configuration = mvcConfiguration;
        return this;
    }

    @Override // com.truthbean.debbie.mvc.filter.RouterFilter
    public boolean notFilter(RouterRequest routerRequest) {
        return !this.configuration.isEnableCors();
    }

    @Override // com.truthbean.debbie.mvc.filter.RouterFilter
    public boolean preRouter(RouterRequest routerRequest, RouterResponse routerResponse) {
        this.doCors.set(Boolean.valueOf(isCorsRequest(routerRequest) && this.configuration.isEnableCors()));
        return false;
    }

    @Override // com.truthbean.debbie.mvc.filter.RouterFilter
    public Boolean postRouter(RouterRequest routerRequest, RouterResponse routerResponse) {
        if (this.doCors.get() == null || !this.doCors.get().booleanValue()) {
            if (this.configuration.isEnableCors() || !isRequestOriginEqualRequestHost(routerRequest)) {
                routerResponse.setStatus(HttpStatus.OK);
                routerResponse.setContent("");
                return false;
            }
            LOGGER.info("cors forbidden");
            routerResponse.setStatus(HttpStatus.NOT_ACCEPTABLE);
            routerResponse.setContent("cors rejected!");
            return true;
        }
        LOGGER.debug("filter cors");
        Map<String, String> cors = this.configuration.getCors();
        if (cors == null || cors.isEmpty()) {
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN, "*");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, "User-Agent,Origin,Cache-Control,Content-type,Date,Server,withCredentials,AccessToken,Authorization");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, DELETE, OPTIONS, HEAD");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.ACCESS_CONTROL_MAX_AGE, "1209600");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.ACCESS_CONTROL_EXPOSE_HEADERS, "accesstoken");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS, "accesstoken");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.EXPIRES, "-1");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.CACHE_CONTROL, "no-cache");
            routerResponse.addHeader(HttpHeader.HttpHeaderNames.PRAGMA, "no-cache");
        } else {
            Objects.requireNonNull(routerResponse);
            cors.forEach(routerResponse::addHeader);
        }
        return false;
    }

    public static boolean isCorsRequest(RouterRequest routerRequest) {
        HttpHeader header = routerRequest.getHeader();
        return (header == null || header.getHeader(HttpHeader.HttpHeaderNames.ORIGIN) == null) ? false : true;
    }

    public static boolean isRequestOriginEqualRequestHost(RouterRequest routerRequest) {
        HttpHeader header = routerRequest.getHeader();
        if (header == null) {
            return false;
        }
        String header2 = header.getHeader(HttpHeader.HttpHeaderNames.ORIGIN);
        String header3 = header.getHeader(HttpHeader.HttpHeaderNames.HOST);
        if (header2 == null && header3 == null) {
            return true;
        }
        return header2 != null && (header2.equalsIgnoreCase(header3) || ("http://" + header3).equalsIgnoreCase(header2) || ("https://" + header3).equalsIgnoreCase(header2));
    }

    public static boolean isLooseCorsRequest(RouterRequest routerRequest) {
        return HttpMethod.OPTIONS == routerRequest.getMethod() && !isRequestOriginEqualRequestHost(routerRequest);
    }

    public static boolean isPreFlightRequest(RouterRequest routerRequest) {
        return isCorsRequest(routerRequest) && HttpMethod.OPTIONS == routerRequest.getMethod() && routerRequest.getHeader().getHeader(HttpHeader.HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD) != null;
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        this.doCors.remove();
    }
}
