package org.apache.nifi.web.server;

import java.io.IOException;
import java.io.PrintWriter;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringEscapeUtils;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.ScopedHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/nifi/web/server/HostHeaderHandler.class */
public class HostHeaderHandler extends ScopedHandler {
    private static final Logger logger = LoggerFactory.getLogger(HostHeaderHandler.class);
    private final String serverName;
    private final int serverPort;
    private final List<String> validHosts;

    public HostHeaderHandler(String str) {
        this(str, 0);
    }

    public HostHeaderHandler(String str, int i) {
        this.serverName = (String) Objects.requireNonNull(str);
        this.serverPort = i;
        this.validHosts = new ArrayList();
        this.validHosts.add(str.toLowerCase());
        this.validHosts.add(str.toLowerCase() + ":" + i);
        this.validHosts.add("localhost");
        this.validHosts.add("localhost:" + i);
        this.validHosts.add("");
        try {
            this.validHosts.add(InetAddress.getLocalHost().getHostName().toLowerCase());
            this.validHosts.add(InetAddress.getLocalHost().getHostName().toLowerCase() + ":" + i);
        } catch (Exception e) {
            logger.warn("Failed to determine local hostname.", e);
        }
        logger.info("Created " + toString());
    }

    public void doScope(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        logger.debug("HostHeaderHandler#doScope on " + httpServletRequest.getRequestURI());
        nextScope(str, request, httpServletRequest, httpServletResponse);
    }

    private boolean hostHeaderIsValid(String str) {
        return this.validHosts.contains(str.toLowerCase().trim());
    }

    public String toString() {
        return "HostHeaderHandler for " + this.serverName + ":" + this.serverPort;
    }

    public void doHandle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String header = httpServletRequest.getHeader("Host");
        logger.debug("Received request [" + httpServletRequest.getRequestURI() + "] with host header: " + header);
        if (hostHeaderIsValid(header)) {
            return;
        }
        logger.warn("Request host header [" + header + "] different from web hostname [" + this.serverName + "(:" + this.serverPort + ")]. Overriding to [" + this.serverName + ":" + this.serverPort + httpServletRequest.getRequestURI() + "]");
        httpServletResponse.setContentType("text/html; charset=utf-8");
        httpServletResponse.setStatus(200);
        PrintWriter writer = httpServletResponse.getWriter();
        writer.println("<h1>System Error</h1>");
        writer.println("<h2>The request contained an invalid host header [" + StringEscapeUtils.escapeHtml4(header) + "] in the request [" + StringEscapeUtils.escapeHtml4(httpServletRequest.getRequestURI()) + "]. Check for request manipulation or third-party intercept. </h2>");
        request.setHandled(true);
    }
}
