package io.micronaut.http.server.cors;

import io.micronaut.core.async.publisher.Publishers;
import io.micronaut.core.convert.ArgumentConversionContext;
import io.micronaut.core.convert.ConversionContext;
import io.micronaut.core.util.StringUtils;
import io.micronaut.http.HttpHeaders;
import io.micronaut.http.HttpMethod;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.HttpResponse;
import io.micronaut.http.HttpStatus;
import io.micronaut.http.MutableHttpResponse;
import io.micronaut.http.annotation.Filter;
import io.micronaut.http.filter.HttpServerFilter;
import io.micronaut.http.filter.ServerFilterChain;
import io.micronaut.http.server.HttpServerConfiguration;
import io.micronaut.web.router.resource.StaticResourceConfiguration;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.reactivestreams.Publisher;

@Filter({StaticResourceConfiguration.DEFAULT_MAPPING})
/* loaded from: input_file:io/micronaut/http/server/cors/CorsFilter.class */
public class CorsFilter implements HttpServerFilter {
    private static final ArgumentConversionContext<HttpMethod> CONVERSION_CONTEXT_HTTP_METHOD = ConversionContext.of(HttpMethod.class);
    protected final HttpServerConfiguration.CorsConfiguration corsConfiguration;

    public CorsFilter(HttpServerConfiguration.CorsConfiguration corsConfiguration) {
        this.corsConfiguration = corsConfiguration;
    }

    @Override // io.micronaut.http.filter.HttpServerFilter
    public Publisher<MutableHttpResponse<?>> doFilter(HttpRequest<?> httpRequest, ServerFilterChain serverFilterChain) {
        if (!httpRequest.getHeaders().getOrigin().isPresent()) {
            return serverFilterChain.proceed(httpRequest);
        }
        Optional<MutableHttpResponse<?>> handleRequest = handleRequest(httpRequest);
        return handleRequest.isPresent() ? Publishers.just(handleRequest.get()) : Publishers.map(serverFilterChain.proceed(httpRequest), mutableHttpResponse -> {
            handleResponse(httpRequest, mutableHttpResponse);
            return mutableHttpResponse;
        });
    }

    @Override // io.micronaut.core.order.Ordered
    public int getOrder() {
        return Integer.MIN_VALUE;
    }

    protected void handleResponse(HttpRequest<?> httpRequest, MutableHttpResponse<?> mutableHttpResponse) {
        HttpHeaders headers = httpRequest.getHeaders();
        headers.getOrigin().ifPresent(str -> {
            Optional<CorsOriginConfiguration> configuration = getConfiguration(str);
            if (configuration.isPresent()) {
                CorsOriginConfiguration corsOriginConfiguration = configuration.get();
                if (CorsUtil.isPreflightRequest(httpRequest)) {
                    setAllowMethods((HttpMethod) headers.getFirst("Access-Control-Request-Method", CONVERSION_CONTEXT_HTTP_METHOD).get(), mutableHttpResponse);
                    headers.get((HttpHeaders) "Access-Control-Request-Headers", (ArgumentConversionContext) ConversionContext.LIST_OF_STRING).ifPresent(list -> {
                        setAllowHeaders(list, mutableHttpResponse);
                    });
                    setMaxAge(corsOriginConfiguration.getMaxAge().longValue(), mutableHttpResponse);
                }
                setOrigin(str, mutableHttpResponse);
                setVary(mutableHttpResponse);
                setExposeHeaders(corsOriginConfiguration.getExposedHeaders(), mutableHttpResponse);
                setAllowCredentials(corsOriginConfiguration, mutableHttpResponse);
            }
        });
    }

    protected Optional<MutableHttpResponse<?>> handleRequest(HttpRequest httpRequest) {
        HttpHeaders headers = httpRequest.getHeaders();
        Optional<String> origin = headers.getOrigin();
        if (origin.isPresent()) {
            String str = origin.get();
            boolean isPreflightRequest = CorsUtil.isPreflightRequest(httpRequest);
            Optional<CorsOriginConfiguration> configuration = getConfiguration(str);
            if (configuration.isPresent()) {
                CorsOriginConfiguration corsOriginConfiguration = configuration.get();
                HttpMethod method = httpRequest.getMethod();
                List<HttpMethod> allowedMethods = corsOriginConfiguration.getAllowedMethods();
                if (!isAnyMethod(allowedMethods)) {
                    HttpMethod httpMethod = isPreflightRequest ? (HttpMethod) headers.getFirst("Access-Control-Request-Method", CONVERSION_CONTEXT_HTTP_METHOD).orElse(method) : method;
                    if (allowedMethods.stream().noneMatch(httpMethod2 -> {
                        return httpMethod2.equals(httpMethod);
                    })) {
                        return Optional.of(HttpResponse.status(HttpStatus.FORBIDDEN));
                    }
                }
                if (isPreflightRequest) {
                    Optional<T> optional = headers.get((HttpHeaders) "Access-Control-Request-Headers", (ArgumentConversionContext) ConversionContext.LIST_OF_STRING);
                    List<String> allowedHeaders = corsOriginConfiguration.getAllowedHeaders();
                    if (!isAny(allowedHeaders) && optional.isPresent() && !((List) optional.get()).stream().allMatch(str2 -> {
                        return allowedHeaders.stream().anyMatch(str2 -> {
                            return str2.equals(str2.trim());
                        });
                    })) {
                        return Optional.of(HttpResponse.status(HttpStatus.FORBIDDEN));
                    }
                    MutableHttpResponse<?> ok = HttpResponse.ok();
                    handleResponse(httpRequest, ok);
                    return Optional.of(ok);
                }
            }
        }
        return Optional.empty();
    }

    protected void setAllowCredentials(CorsOriginConfiguration corsOriginConfiguration, MutableHttpResponse<?> mutableHttpResponse) {
        if (corsOriginConfiguration.isAllowCredentials()) {
            mutableHttpResponse.header((CharSequence) "Access-Control-Allow-Credentials", (CharSequence) Boolean.toString(true));
        }
    }

    protected void setExposeHeaders(List<String> list, MutableHttpResponse<?> mutableHttpResponse) {
        if (!this.corsConfiguration.isSingleHeader()) {
            list.forEach(str -> {
                mutableHttpResponse.header("Access-Control-Expose-Headers", (CharSequence) str);
            });
            return;
        }
        String join = String.join(",", list);
        if (StringUtils.isNotEmpty(join)) {
            mutableHttpResponse.header((CharSequence) "Access-Control-Expose-Headers", (CharSequence) join);
        }
    }

    protected void setVary(MutableHttpResponse<?> mutableHttpResponse) {
        mutableHttpResponse.header((CharSequence) "Vary", (CharSequence) "Origin");
    }

    protected void setOrigin(String str, MutableHttpResponse mutableHttpResponse) {
        mutableHttpResponse.header("Access-Control-Allow-Origin", (CharSequence) str);
    }

    protected void setAllowMethods(HttpMethod httpMethod, MutableHttpResponse mutableHttpResponse) {
        mutableHttpResponse.header("Access-Control-Allow-Methods", (CharSequence) httpMethod);
    }

    protected void setAllowHeaders(List<?> list, MutableHttpResponse mutableHttpResponse) {
        List list2 = (List) list.stream().map((v0) -> {
            return v0.toString();
        }).collect(Collectors.toList());
        if (!this.corsConfiguration.isSingleHeader()) {
            list2.forEach(str -> {
                mutableHttpResponse.header("Access-Control-Allow-Headers", (CharSequence) str);
            });
            return;
        }
        String join = String.join(",", list2);
        if (StringUtils.isNotEmpty(join)) {
            mutableHttpResponse.header("Access-Control-Allow-Headers", (CharSequence) join);
        }
    }

    protected void setMaxAge(long j, MutableHttpResponse mutableHttpResponse) {
        if (j > -1) {
            mutableHttpResponse.header("Access-Control-Max-Age", (CharSequence) Long.toString(j));
        }
    }

    private Optional<CorsOriginConfiguration> getConfiguration(String str) {
        for (Map.Entry<String, CorsOriginConfiguration> entry : this.corsConfiguration.getConfigurations().entrySet()) {
            List<String> allowedOrigins = entry.getValue().getAllowedOrigins();
            if (!allowedOrigins.isEmpty()) {
                boolean z = isAny(allowedOrigins);
                if (!z) {
                    z = allowedOrigins.stream().anyMatch(str2 -> {
                        if (str2.equals(str)) {
                            return true;
                        }
                        return Pattern.compile(str2).matcher(str).matches();
                    });
                }
                if (z) {
                    return Optional.of(entry.getValue());
                }
            }
        }
        return Optional.empty();
    }

    private boolean isAny(List<String> list) {
        return list == CorsOriginConfiguration.ANY;
    }

    private boolean isAnyMethod(List<HttpMethod> list) {
        return list == CorsOriginConfiguration.ANY_METHOD;
    }
}
