package org.beangle.webmvc.execution.interceptors;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.beangle.commons.bean.Initializing;
import org.beangle.commons.lang.annotation.description;
import org.beangle.commons.web.intercept.Interceptor;
import scala.MatchError;
import scala.Predef$;
import scala.collection.immutable.Set;
import scala.collection.mutable.ArrayOps;
import scala.collection.mutable.HashSet;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxesRunTime;

/* compiled from: CorsInterceptor.scala */
@description("支持跨域调用CORS的拦截器")
@ScalaSignature(bytes = "\u0006\u0001\teq!B\u0001\u0003\u0011\u0003i\u0011aD\"peNLe\u000e^3sG\u0016\u0004Ho\u001c:\u000b\u0005\r!\u0011\u0001D5oi\u0016\u00148-\u001a9u_J\u001c(BA\u0003\u0007\u0003%)\u00070Z2vi&|gN\u0003\u0002\b\u0011\u00051q/\u001a2nm\u000eT!!\u0003\u0006\u0002\u000f\t,\u0017M\\4mK*\t1\"A\u0002pe\u001e\u001c\u0001\u0001\u0005\u0002\u000f\u001f5\t!AB\u0003\u0011\u0005!\u0005\u0011CA\bD_J\u001c\u0018J\u001c;fe\u000e,\u0007\u000f^8s'\ty!\u0003\u0005\u0002\u0014-5\tACC\u0001\u0016\u0003\u0015\u00198-\u00197b\u0013\t9BC\u0001\u0004B]f\u0014VM\u001a\u0005\u00063=!\tAG\u0001\u0007y%t\u0017\u000e\u001e \u0015\u00035Aq\u0001H\bC\u0002\u0013\u0005Q$\u0001\u0007Pe&<\u0017N\u001c%fC\u0012,'/F\u0001\u001f!\tyB%D\u0001!\u0015\t\t#%\u0001\u0003mC:<'\"A\u0012\u0002\t)\fg/Y\u0005\u0003K\u0001\u0012aa\u0015;sS:<\u0007BB\u0014\u0010A\u0003%a$A\u0007Pe&<\u0017N\u001c%fC\u0012,'\u000f\t\u0005\bS=\u0011\r\u0011\"\u0001\u001e\u0003M\u0011V-];fgRlU\r\u001e5pI\"+\u0017\rZ3s\u0011\u0019Ys\u0002)A\u0005=\u0005!\"+Z9vKN$X*\u001a;i_\u0012DU-\u00193fe\u0002Bq!L\bC\u0002\u0013\u0005Q$\u0001\u000bSKF,Xm\u001d;IK\u0006$WM]:IK\u0006$WM\u001d\u0005\u0007_=\u0001\u000b\u0011\u0002\u0010\u0002+I+\u0017/^3ti\"+\u0017\rZ3sg\"+\u0017\rZ3sA!9\u0011g\u0004b\u0001\n\u0003i\u0012!E!mY><xJ]5hS:DU-\u00193fe\"11g\u0004Q\u0001\ny\t!#\u00117m_^|%/[4j]\"+\u0017\rZ3sA!9Qg\u0004b\u0001\n\u0003i\u0012AE!mY><X*\u001a;i_\u0012\u001c\b*Z1eKJDaaN\b!\u0002\u0013q\u0012aE!mY><X*\u001a;i_\u0012\u001c\b*Z1eKJ\u0004\u0003bB\u001d\u0010\u0005\u0004%\t!H\u0001\u0013\u00032dwn\u001e%fC\u0012,'o\u001d%fC\u0012,'\u000f\u0003\u0004<\u001f\u0001\u0006IAH\u0001\u0014\u00032dwn\u001e%fC\u0012,'o\u001d%fC\u0012,'\u000f\t\u0005\b{=\u0011\r\u0011\"\u0001\u001e\u00031i\u0015\r_!hK\"+\u0017\rZ3s\u0011\u0019yt\u0002)A\u0005=\u0005iQ*\u0019=BO\u0016DU-\u00193fe\u0002Bq!Q\bC\u0002\u0013\u0005Q$\u0001\fBY2|wo\u0011:fI\u0016tG/[1mg\"+\u0017\rZ3s\u0011\u0019\u0019u\u0002)A\u0005=\u00059\u0012\t\u001c7po\u000e\u0013X\rZ3oi&\fGn\u001d%fC\u0012,'\u000f\t\u0005\b\u000b>\u0011\r\u0011\"\u0001\u001e\u0003M)\u0005\u0010]8tK\"+\u0017\rZ3sg\"+\u0017\rZ3s\u0011\u00199u\u0002)A\u0005=\u0005!R\t\u001f9pg\u0016DU-\u00193feNDU-\u00193fe\u0002Bq!S\bC\u0002\u0013\u0005Q$A\u0005B]f|%/[4j]\"11j\u0004Q\u0001\ny\t!\"\u00118z\u001fJLw-\u001b8!\u0011\u001diuB1A\u0005\u00029\u000b!cQ8na2,\u0007\u0010\u0013;ua6+G\u000f[8egV\tq\nE\u0002Q+zi\u0011!\u0015\u0006\u0003%N\u000b\u0011\"[7nkR\f'\r\\3\u000b\u0005Q#\u0012AC2pY2,7\r^5p]&\u0011a+\u0015\u0002\u0004'\u0016$\bB\u0002-\u0010A\u0003%q*A\nD_6\u0004H.\u001a=IiR\u0004X*\u001a;i_\u0012\u001c\b\u0005C\u0004[\u001f\t\u0007I\u0011\u0001(\u0002-MKW\u000e\u001d7f\u0011R$\boQ8oi\u0016tG\u000fV=qKNDa\u0001X\b!\u0002\u0013y\u0015aF*j[BdW\r\u0013;ua\u000e{g\u000e^3oiRK\b/Z:!\r\u0011\u0001\"\u0001\u00010\u0014\tu\u0013r,\u001b\t\u0003A\u001el\u0011!\u0019\u0006\u0003E\u000e\f\u0011\"\u001b8uKJ\u001cW\r\u001d;\u000b\u0005\u0011,\u0017aA<fE*\u0011a\rC\u0001\bG>lWn\u001c8t\u0013\tA\u0017MA\u0006J]R,'oY3qi>\u0014\bC\u00016n\u001b\u0005Y'B\u00017f\u0003\u0011\u0011W-\u00198\n\u00059\\'\u0001D%oSRL\u0017\r\\5{S:<\u0007\"B\r^\t\u0003\u0001H#A9\u0011\u00059i\u0006\"C:^\u0001\u0004\u0005\r\u0011\"\u0001u\u0003A\tg._(sS\u001eLg.\u00117m_^,G-F\u0001v!\t\u0019b/\u0003\u0002x)\t9!i\\8mK\u0006t\u0007\"C=^\u0001\u0004\u0005\r\u0011\"\u0001{\u0003Q\tg._(sS\u001eLg.\u00117m_^,Gm\u0018\u0013fcR\u00111P \t\u0003'qL!! \u000b\u0003\tUs\u0017\u000e\u001e\u0005\b\u007fb\f\t\u00111\u0001v\u0003\rAH%\r\u0005\u000b\u0003\u0007i\u0006\u0019!A!B\u0013)\u0018!E1os>\u0013\u0018nZ5o\u00032dwn^3eA!I\u0011qA/A\u0002\u0013\u0005\u0011\u0011B\u0001\u000fC2dwn^3e\u001fJLw-\u001b8t+\t\tY\u0001\u0005\u0004\u0002\u000e\u0005M\u0011qC\u0007\u0003\u0003\u001fQ1!!\u0005T\u0003\u001diW\u000f^1cY\u0016LA!!\u0006\u0002\u0010\t9\u0001*Y:i'\u0016$\b\u0003BA\r\u0003OqA!a\u0007\u0002$A\u0019\u0011Q\u0004\u000b\u000e\u0005\u0005}!bAA\u0011\u0019\u00051AH]8pizJ1!!\n\u0015\u0003\u0019\u0001&/\u001a3fM&\u0019Q%!\u000b\u000b\u0007\u0005\u0015B\u0003C\u0005\u0002.u\u0003\r\u0011\"\u0001\u00020\u0005\u0011\u0012\r\u001c7po\u0016$wJ]5hS:\u001cx\fJ3r)\rY\u0018\u0011\u0007\u0005\n\u007f\u0006-\u0012\u0011!a\u0001\u0003\u0017A\u0001\"!\u000e^A\u0003&\u00111B\u0001\u0010C2dwn^3e\u001fJLw-\u001b8tA!I\u0011\u0011H/A\u0002\u0013\u0005\u0011\u0011B\u0001\u000fC2dwn^3e\u001b\u0016$\bn\u001c3t\u0011%\ti$\u0018a\u0001\n\u0003\ty$\u0001\nbY2|w/\u001a3NKRDw\u000eZ:`I\u0015\fHcA>\u0002B!Iq0a\u000f\u0002\u0002\u0003\u0007\u00111\u0002\u0005\t\u0003\u000bj\u0006\u0015)\u0003\u0002\f\u0005y\u0011\r\u001c7po\u0016$W*\u001a;i_\u0012\u001c\b\u0005C\u0005\u0002Ju\u0013\r\u0011\"\u0001\u0002\n\u0005q\u0011\r\u001c7po\u0016$\u0007*Z1eKJ\u001c\b\u0002CA';\u0002\u0006I!a\u0003\u0002\u001f\u0005dGn\\<fI\"+\u0017\rZ3sg\u0002B\u0011\"!\u0015^\u0005\u0004%\t!!\u0003\u0002\u001d\u0015D\bo\\:fI\"+\u0017\rZ3sg\"A\u0011QK/!\u0002\u0013\tY!A\bfqB|7/\u001a3IK\u0006$WM]:!\u0011%\tI&\u0018a\u0001\n\u0003\tY&A\bqe\u00164G.[4ii6\u000b\u00070Q4f+\t\ti\u0006E\u0002\u0014\u0003?J1!!\u0019\u0015\u0005\rIe\u000e\u001e\u0005\n\u0003Kj\u0006\u0019!C\u0001\u0003O\n1\u0003\u001d:fM2Lw\r\u001b;NCb\fu-Z0%KF$2a_A5\u0011%y\u00181MA\u0001\u0002\u0004\ti\u0006\u0003\u0005\u0002nu\u0003\u000b\u0015BA/\u0003A\u0001(/\u001a4mS\u001eDG/T1y\u0003\u001e,\u0007\u0005\u0003\u0005\u0002ru\u0003\r\u0011\"\u0001u\u0003A\tG\u000e\\8x\u0007J,G-\u001a8uS\u0006d7\u000fC\u0005\u0002vu\u0003\r\u0011\"\u0001\u0002x\u0005!\u0012\r\u001c7po\u000e\u0013X\rZ3oi&\fGn]0%KF$2a_A=\u0011!y\u00181OA\u0001\u0002\u0004)\bbBA?;\u0002\u0006K!^\u0001\u0012C2dwn^\"sK\u0012,g\u000e^5bYN\u0004\u0003\u0002CAA;\u0002\u0007I\u0011\u0001;\u0002\u001d\rD\u0017-\u001b8Qe\u00164G.[4ii\"I\u0011QQ/A\u0002\u0013\u0005\u0011qQ\u0001\u0013G\"\f\u0017N\u001c)sK\u001ad\u0017n\u001a5u?\u0012*\u0017\u000fF\u0002|\u0003\u0013C\u0001b`AB\u0003\u0003\u0005\r!\u001e\u0005\b\u0003\u001bk\u0006\u0015)\u0003v\u0003=\u0019\u0007.Y5o!J,g\r\\5hQR\u0004\u0003bBAI;\u0012\u0005\u00111S\u0001\u0005S:LG\u000fF\u0001|\u0011\u001d\t9*\u0018C\u0001\u00033\u000b\u0011\u0002\u001d:f\u0013:4xn[3\u0015\u000bU\fY*a-\t\u0011\u0005u\u0015Q\u0013a\u0001\u0003?\u000b1A]3r!\u0011\t\t+a,\u000e\u0005\u0005\r&\u0002BAS\u0003O\u000bA\u0001\u001b;ua*!\u0011\u0011VAV\u0003\u001d\u0019XM\u001d<mKRT!!!,\u0002\u000b)\fg/\u0019=\n\t\u0005E\u00161\u0015\u0002\u0013\u0011R$\boU3sm2,GOU3rk\u0016\u001cH\u000f\u0003\u0005\u00026\u0006U\u0005\u0019AA\\\u0003\r\u0011Xm\u001d\t\u0005\u0003C\u000bI,\u0003\u0003\u0002<\u0006\r&a\u0005%uiB\u001cVM\u001d<mKR\u0014Vm\u001d9p]N,\u0007bBA`;\u0012\u0005\u0011\u0011Y\u0001\u000ba>\u001cH/\u00138w_.,G#B>\u0002D\u0006\u0015\u0007\u0002CAO\u0003{\u0003\r!a(\t\u0011\u0005U\u0016Q\u0018a\u0001\u0003oCq!!3^\t\u0013\tY-A\tiC:$G.Z%om\u0006d\u0017\u000eZ\"P%N#2!^Ag\u0011!\t),a2A\u0002\u0005]\u0006bBAi;\u0012%\u00111[\u0001\u0011Q\u0006tG\r\\3TS6\u0004H.Z\"peN$r!^Ak\u0003/\fI\u000e\u0003\u0005\u0002\u001e\u0006=\u0007\u0019AAP\u0011!\t),a4A\u0002\u0005]\u0006\u0002CAn\u0003\u001f\u0004\r!a\u0006\u0002\r=\u0014\u0018nZ5o\u0011\u001d\ty.\u0018C\u0005\u0003C\f1\u0003[1oI2,\u0007K]3gY&<\u0007\u000e^\"peN$r!^Ar\u0003K\f9\u000f\u0003\u0005\u0002\u001e\u0006u\u0007\u0019AAP\u0011!\t),!8A\u0002\u0005]\u0006\u0002CAn\u0003;\u0004\r!a\u0006\t\u000f\u0005-X\f\"\u0003\u0002n\u0006\t\u0012M]3IK\u0006$WM]:BY2|w/\u001a3\u0015\u0007U\fy\u000f\u0003\u0005\u0002\u001e\u0006%\b\u0019AAP\u0011\u001d\t\u00190\u0018C\u0005\u0003k\f\u0001c\u00195fG.\u0014V-];fgR$\u0016\u0010]3\u0015\r\u0005u\u0013q_A}\u0011!\tY.!=A\u0002\u0005]\u0001\u0002CAO\u0003c\u0004\r!a(\t\u000f\u0005uX\f\"\u0003\u0002��\u0006y\u0011n](sS\u001eLg.\u00117m_^,G\rF\u0002v\u0005\u0003A\u0001\"a7\u0002|\u0002\u0007\u0011q\u0003\u0015\b;\n\u0015!1\u0003B\u000b!\u0011\u00119Aa\u0004\u000e\u0005\t%!\u0002\u0002B\u0006\u0005\u001b\t!\"\u00198o_R\fG/[8o\u0015\t\tS-\u0003\u0003\u0003\u0012\t%!a\u00033fg\u000e\u0014\u0018\u000e\u001d;j_:\fQA^1mk\u0016\f#Aa\u0006\u0002E\u0019(zV:G\u0002R`F[}hPib\u000f=O\u0013k\"P%N;/\u0014\"t\fN\u001bH)6zM)\u0002")
/* loaded from: input_file:org/beangle/webmvc/execution/interceptors/CorsInterceptor.class */
public class CorsInterceptor implements Interceptor, Initializing {
    private boolean anyOriginAllowed;
    private HashSet<String> allowedOrigins = new HashSet().$plus(CorsInterceptor$.MODULE$.AnyOrigin());
    private HashSet<String> allowedMethods = new HashSet().$plus$plus(Predef$.MODULE$.Set().apply(Predef$.MODULE$.wrapRefArray(new String[]{"GET", "POST", "HEAD", "OPTIONS"})));
    private final HashSet<String> allowedHeaders = new HashSet().$plus$plus(Predef$.MODULE$.Set().apply(Predef$.MODULE$.wrapRefArray(new String[]{"X-Requested-With", "Content-Type", "Accept", "Origin"})));
    private final HashSet<String> exposedHeaders = new HashSet<>();
    private int preflightMaxAge = 1800;
    private boolean allowCredentials = false;
    private boolean chainPreflight = true;

    public static Set<String> SimpleHttpContentTypes() {
        return CorsInterceptor$.MODULE$.SimpleHttpContentTypes();
    }

    public static Set<String> ComplexHttpMethods() {
        return CorsInterceptor$.MODULE$.ComplexHttpMethods();
    }

    public static String AnyOrigin() {
        return CorsInterceptor$.MODULE$.AnyOrigin();
    }

    public static String ExposeHeadersHeader() {
        return CorsInterceptor$.MODULE$.ExposeHeadersHeader();
    }

    public static String AllowCredentialsHeader() {
        return CorsInterceptor$.MODULE$.AllowCredentialsHeader();
    }

    public static String MaxAgeHeader() {
        return CorsInterceptor$.MODULE$.MaxAgeHeader();
    }

    public static String AllowHeadersHeader() {
        return CorsInterceptor$.MODULE$.AllowHeadersHeader();
    }

    public static String AllowMethodsHeader() {
        return CorsInterceptor$.MODULE$.AllowMethodsHeader();
    }

    public static String AllowOriginHeader() {
        return CorsInterceptor$.MODULE$.AllowOriginHeader();
    }

    public static String RequestHeadersHeader() {
        return CorsInterceptor$.MODULE$.RequestHeadersHeader();
    }

    public static String RequestMethodHeader() {
        return CorsInterceptor$.MODULE$.RequestMethodHeader();
    }

    public static String OriginHeader() {
        return CorsInterceptor$.MODULE$.OriginHeader();
    }

    public boolean anyOriginAllowed() {
        return this.anyOriginAllowed;
    }

    public void anyOriginAllowed_$eq(boolean z) {
        this.anyOriginAllowed = z;
    }

    public HashSet<String> allowedOrigins() {
        return this.allowedOrigins;
    }

    public void allowedOrigins_$eq(HashSet<String> hashSet) {
        this.allowedOrigins = hashSet;
    }

    public HashSet<String> allowedMethods() {
        return this.allowedMethods;
    }

    public void allowedMethods_$eq(HashSet<String> hashSet) {
        this.allowedMethods = hashSet;
    }

    public HashSet<String> allowedHeaders() {
        return this.allowedHeaders;
    }

    public HashSet<String> exposedHeaders() {
        return this.exposedHeaders;
    }

    public int preflightMaxAge() {
        return this.preflightMaxAge;
    }

    public void preflightMaxAge_$eq(int i) {
        this.preflightMaxAge = i;
    }

    public boolean allowCredentials() {
        return this.allowCredentials;
    }

    public void allowCredentials_$eq(boolean z) {
        this.allowCredentials = z;
    }

    public boolean chainPreflight() {
        return this.chainPreflight;
    }

    public void chainPreflight_$eq(boolean z) {
        this.chainPreflight = z;
    }

    public void init() {
        anyOriginAllowed_$eq(allowedOrigins().contains(CorsInterceptor$.MODULE$.AnyOrigin()));
    }

    public boolean preInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        boolean handleInvalidCORS;
        String header = httpServletRequest.getHeader(CorsInterceptor$.MODULE$.OriginHeader());
        if (header == null) {
            return true;
        }
        int checkRequestType = checkRequestType(header, httpServletRequest);
        if (CORSRequestType$.MODULE$.SIMPLE() == checkRequestType ? true : CORSRequestType$.MODULE$.ACTUAL() == checkRequestType) {
            handleInvalidCORS = handleSimpleCors(httpServletRequest, httpServletResponse, header);
        } else if (CORSRequestType$.MODULE$.PRE_FLIGHT() == checkRequestType) {
            handleInvalidCORS = handlePreflightCors(httpServletRequest, httpServletResponse, header);
        } else {
            if (CORSRequestType$.MODULE$.INVALID_CORS() != checkRequestType) {
                throw new MatchError(BoxesRunTime.boxToInteger(checkRequestType));
            }
            handleInvalidCORS = handleInvalidCORS(httpServletResponse);
        }
        return handleInvalidCORS;
    }

    public void postInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    private boolean handleInvalidCORS(HttpServletResponse httpServletResponse) {
        httpServletResponse.setContentType("text/plain");
        httpServletResponse.setStatus(403);
        httpServletResponse.resetBuffer();
        return false;
    }

    private boolean handleSimpleCors(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        if (!anyOriginAllowed() || allowCredentials()) {
            httpServletResponse.addHeader(CorsInterceptor$.MODULE$.AllowOriginHeader(), str);
        } else {
            httpServletResponse.addHeader(CorsInterceptor$.MODULE$.AllowOriginHeader(), CorsInterceptor$.MODULE$.AnyOrigin());
        }
        if (allowCredentials()) {
            httpServletResponse.setHeader(CorsInterceptor$.MODULE$.AllowCredentialsHeader(), "true");
        }
        if (exposedHeaders().isEmpty()) {
            return true;
        }
        httpServletResponse.setHeader(CorsInterceptor$.MODULE$.ExposeHeadersHeader(), exposedHeaders().mkString(","));
        return true;
    }

    private boolean handlePreflightCors(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        if (!allowedMethods().contains(httpServletRequest.getHeader(CorsInterceptor$.MODULE$.RequestMethodHeader())) || !areHeadersAllowed(httpServletRequest)) {
            return false;
        }
        httpServletResponse.setHeader(CorsInterceptor$.MODULE$.AllowOriginHeader(), str);
        if (allowCredentials()) {
            httpServletResponse.setHeader(CorsInterceptor$.MODULE$.AllowCredentialsHeader(), "true");
        }
        if (preflightMaxAge() > 0) {
            httpServletResponse.setHeader(CorsInterceptor$.MODULE$.MaxAgeHeader(), String.valueOf(preflightMaxAge()));
        }
        httpServletResponse.setHeader(CorsInterceptor$.MODULE$.AllowMethodsHeader(), allowedMethods().mkString(","));
        httpServletResponse.setHeader(CorsInterceptor$.MODULE$.AllowHeadersHeader(), allowedHeaders().mkString(","));
        return chainPreflight();
    }

    private boolean areHeadersAllowed(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(CorsInterceptor$.MODULE$.RequestHeadersHeader());
        return header == null || new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(header.split(","))).toSet().subsetOf(allowedHeaders());
    }

    private int checkRequestType(String str, HttpServletRequest httpServletRequest) {
        if (!isOriginAllowed(str)) {
            return CORSRequestType$.MODULE$.INVALID_CORS();
        }
        String method = httpServletRequest.getMethod();
        if (!allowedMethods().contains(method)) {
            return CORSRequestType$.MODULE$.INVALID_CORS();
        }
        if ("OPTIONS".equals(method)) {
            return allowedMethods().contains(httpServletRequest.getHeader(CorsInterceptor$.MODULE$.RequestMethodHeader())) ? CORSRequestType$.MODULE$.PRE_FLIGHT() : CORSRequestType$.MODULE$.INVALID_CORS();
        }
        if ("GET".equals(method) || "HEAD".equals(method)) {
            return CORSRequestType$.MODULE$.SIMPLE();
        }
        if (!"POST".equals(method)) {
            return CorsInterceptor$.MODULE$.ComplexHttpMethods().contains(method) ? CORSRequestType$.MODULE$.ACTUAL() : CORSRequestType$.MODULE$.INVALID_CORS();
        }
        String contentType = httpServletRequest.getContentType();
        return contentType != null ? CorsInterceptor$.MODULE$.SimpleHttpContentTypes().contains(contentType.toLowerCase().trim()) ? CORSRequestType$.MODULE$.SIMPLE() : CORSRequestType$.MODULE$.ACTUAL() : CORSRequestType$.MODULE$.INVALID_CORS();
    }

    private boolean isOriginAllowed(String str) {
        return anyOriginAllowed() ? str.indexOf(37) == -1 : allowedOrigins().contains(str);
    }
}
