package cn.wjee.boot.autoconfigure.webmvc.filters;

import cn.wjee.boot.autoconfigure.WJeeConstants;
import cn.wjee.boot.autoconfigure.WJeeProperties;
import cn.wjee.boot.commons.http.HttpHeader;
import cn.wjee.boot.commons.http.HttpWebUtils;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.Order;
import org.springframework.util.Assert;

@Order(Integer.MIN_VALUE)
/* loaded from: input_file:cn/wjee/boot/autoconfigure/webmvc/filters/CorsFilter.class */
public final class CorsFilter implements Filter {
    private final Collection<String> allowedOrigins = new ArrayList();
    private final Collection<String> allowedHttpMethods = new HashSet();
    private final Collection<String> allowedHttpHeaders = new HashSet();
    private final Collection<String> exposedHeaders = new HashSet();
    private boolean anyOriginAllowed = false;
    private boolean supportsCredentials = false;
    private long preflightMaxAge = 0;
    private boolean decorateRequest = false;
    private final WJeeProperties.WebContext webContext;
    private static final String HTTP_REQUEST_ATTRIBUTE_PREFIX = "cors.";
    private static final String HTTP_REQUEST_ATTRIBUTE_ORIGIN = "cors.request.origin";
    private static final String HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST = "cors.isCorsRequest";
    private static final String HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE = "cors.request.type";
    private static final String HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS = "cors.request.headers";
    private static final Logger log = LoggerFactory.getLogger(CorsFilter.class);
    private static final Collection<String> HTTP_METHODS = new HashSet(Arrays.asList("OPTIONS", "GET", "HEAD", "POST", "PUT", "DELETE", "TRACE", "CONNECT"));
    private static final Collection<String> COMPLEX_HTTP_METHODS = new HashSet(Arrays.asList("PUT", "DELETE", "TRACE", "CONNECT"));
    private static final Collection<String> SIMPLE_HTTP_REQUEST_CONTENT_TYPE_VALUES = new HashSet(Arrays.asList("application/x-www-form-urlencoded", "multipart/form-data", "text/plain"));

    /* loaded from: input_file:cn/wjee/boot/autoconfigure/webmvc/filters/CorsFilter$CORSRequestType.class */
    public enum CORSRequestType {
        SIMPLE,
        ACTUAL,
        PRE_FLIGHT,
        NOT_CORS,
        INVALID_CORS
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CorsFilter(WJeeProperties.WebContext webContext) {
        this.webContext = webContext;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            throw new ServletException("CORS doesn't support non-HTTP request or response");
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!this.webContext.getCors().isEnabledFilter()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        parseAndStore(httpServletRequest);
        CORSRequestType checkRequestType = checkRequestType(httpServletRequest);
        if (this.decorateRequest) {
            decorateCORSProperties(httpServletRequest, checkRequestType);
        }
        switch (checkRequestType) {
            case SIMPLE:
                handleSimpleCORS(httpServletRequest, httpServletResponse, filterChain);
                return;
            case ACTUAL:
                handleSimpleCORS(httpServletRequest, httpServletResponse, filterChain);
                return;
            case PRE_FLIGHT:
                handlePreflightCORS(httpServletRequest, httpServletResponse);
                return;
            case NOT_CORS:
                handleNonCORS(httpServletRequest, httpServletResponse, filterChain);
                return;
            default:
                handleInvalidCORS(httpServletRequest, httpServletResponse);
                return;
        }
    }

    public void init(FilterConfig filterConfig) {
        Assert.notNull(this.webContext, "wjee properties can not be null");
    }

    private void handleSimpleCORS(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        CORSRequestType checkRequestType = checkRequestType(httpServletRequest);
        if (checkRequestType != CORSRequestType.SIMPLE && checkRequestType != CORSRequestType.ACTUAL) {
            throw new IllegalArgumentException(MessageFormat.format("Expects object [{0}] or [{1}]", CORSRequestType.SIMPLE, CORSRequestType.ACTUAL));
        }
        String header = httpServletRequest.getHeader(HttpHeader.ORIGIN.getCode());
        String method = httpServletRequest.getMethod();
        if (!isOriginAllowed(header) || !this.allowedHttpMethods.contains(method)) {
            handleInvalidCORS(httpServletRequest, httpServletResponse);
            return;
        }
        if (!this.anyOriginAllowed || this.supportsCredentials) {
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_ORIGIN.getCode(), header);
        } else {
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_ORIGIN.getCode(), WJeeConstants.Cors.DEFAULT_ALLOWED_ORIGINS);
        }
        if (this.supportsCredentials) {
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_CREDENTIALS.getCode(), "true");
        }
        if (this.exposedHeaders.size() > 0) {
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_EXPOSE_HEADERS.getCode(), join(this.exposedHeaders));
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private void handlePreflightCORS(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (checkRequestType(httpServletRequest) != CORSRequestType.PRE_FLIGHT) {
            throw new IllegalArgumentException(MessageFormat.format("Expects HttpServletRequest type [{0}]", CORSRequestType.PRE_FLIGHT.name()));
        }
        String header = httpServletRequest.getHeader(HttpHeader.ORIGIN.getCode());
        if (!isOriginAllowed(header)) {
            handleInvalidCORS(httpServletRequest, httpServletResponse);
            return;
        }
        String header2 = httpServletRequest.getHeader(HttpHeader.ACCESS_CONTROL_REQUEST_METHOD.getCode());
        if (header2 == null || !HTTP_METHODS.contains(header2.trim())) {
            handleInvalidCORS(httpServletRequest, httpServletResponse);
            return;
        }
        String trim = header2.trim();
        String header3 = httpServletRequest.getHeader(HttpHeader.ACCESS_CONTROL_REQUEST_HEADERS.getCode());
        LinkedList linkedList = new LinkedList();
        if (header3 != null && !header3.trim().isEmpty()) {
            for (String str : header3.trim().split(",")) {
                linkedList.add(str.trim().toLowerCase());
            }
        }
        if (!this.allowedHttpMethods.contains(trim)) {
            handleInvalidCORS(httpServletRequest, httpServletResponse);
            return;
        }
        if (!linkedList.isEmpty()) {
            Iterator it = linkedList.iterator();
            while (it.hasNext()) {
                if (!this.allowedHttpHeaders.contains((String) it.next())) {
                    handleInvalidCORS(httpServletRequest, httpServletResponse);
                    return;
                }
            }
        }
        if (this.supportsCredentials) {
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_ORIGIN.getCode(), header);
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_CREDENTIALS.getCode(), "true");
        } else if (this.anyOriginAllowed) {
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_ORIGIN.getCode(), WJeeConstants.Cors.DEFAULT_ALLOWED_ORIGINS);
        } else {
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_ORIGIN.getCode(), header);
        }
        if (this.preflightMaxAge > 0) {
            httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_MAX_AGE.getCode(), String.valueOf(this.preflightMaxAge));
        }
        httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_METHODS.getCode(), trim);
        if (this.allowedHttpHeaders.isEmpty()) {
            return;
        }
        httpServletResponse.addHeader(HttpHeader.ACCESS_CONTROL_ALLOW_HEADERS.getCode(), join(this.allowedHttpHeaders));
    }

    private void handleNonCORS(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private void handleInvalidCORS(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String header = httpServletRequest.getHeader(HttpHeader.ORIGIN.getCode());
        String method = httpServletRequest.getMethod();
        String header2 = httpServletRequest.getHeader(HttpHeader.ACCESS_CONTROL_REQUEST_HEADERS.getCode());
        httpServletResponse.setContentType("text/plain");
        httpServletResponse.setStatus(403);
        httpServletResponse.resetBuffer();
        StringBuilder sb = new StringBuilder("Invalid CORS request; Origin=");
        sb.append(header);
        sb.append(";Method=");
        sb.append(method);
        if (header2 != null) {
            sb.append(";Access-Control-Request-Headers=");
            sb.append(header2);
        }
        log.info(sb.toString());
    }

    public void destroy() {
    }

    private static void decorateCORSProperties(HttpServletRequest httpServletRequest, CORSRequestType cORSRequestType) {
        if (httpServletRequest == null) {
            throw new IllegalArgumentException("HttpServletRequest object is null");
        }
        if (cORSRequestType == null) {
            throw new IllegalArgumentException("CORSRequestType object is null");
        }
        switch (cORSRequestType) {
            case SIMPLE:
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST, Boolean.TRUE);
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_ORIGIN, httpServletRequest.getHeader(HttpHeader.ORIGIN.getCode()));
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE, cORSRequestType.name().toLowerCase());
                return;
            case ACTUAL:
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST, Boolean.TRUE);
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_ORIGIN, httpServletRequest.getHeader(HttpHeader.ORIGIN.getCode()));
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE, cORSRequestType.name().toLowerCase());
                return;
            case PRE_FLIGHT:
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST, Boolean.TRUE);
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_ORIGIN, httpServletRequest.getHeader(HttpHeader.ORIGIN.getCode()));
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE, cORSRequestType.name().toLowerCase());
                String header = httpServletRequest.getHeader(HttpHeader.ACCESS_CONTROL_REQUEST_HEADERS.getCode());
                if (header == null) {
                    header = WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS;
                }
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS, header);
                return;
            case NOT_CORS:
                httpServletRequest.setAttribute(HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST, Boolean.FALSE);
                return;
            default:
                return;
        }
    }

    private static String join(Collection<String> collection) {
        if (collection == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        boolean z = true;
        for (String str : collection) {
            if (z) {
                z = false;
            } else {
                sb.append(",");
            }
            if (str != null) {
                sb.append(str);
            }
        }
        return sb.toString();
    }

    private CORSRequestType checkRequestType(HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            throw new IllegalArgumentException("HttpServletRequest object is null");
        }
        String header = httpServletRequest.getHeader(HttpHeader.ORIGIN.getCode());
        if (header == null) {
            return CORSRequestType.NOT_CORS;
        }
        String method = httpServletRequest.getMethod();
        return (header.isEmpty() || !isValidOrigin(header) || method == null || !HTTP_METHODS.contains(method)) ? CORSRequestType.INVALID_CORS : "OPTIONS".equals(method) ? checkOptionsRequestType(httpServletRequest) : ("GET".equals(method) || "HEAD".equals(method)) ? CORSRequestType.SIMPLE : "POST".equals(method) ? checkPostRequestType(httpServletRequest) : COMPLEX_HTTP_METHODS.contains(method) ? CORSRequestType.ACTUAL : CORSRequestType.INVALID_CORS;
    }

    private CORSRequestType checkPostRequestType(HttpServletRequest httpServletRequest) {
        String contentType = httpServletRequest.getContentType();
        if (contentType == null) {
            return CORSRequestType.INVALID_CORS;
        }
        return SIMPLE_HTTP_REQUEST_CONTENT_TYPE_VALUES.contains(contentType.toLowerCase().trim()) ? CORSRequestType.SIMPLE : CORSRequestType.ACTUAL;
    }

    private CORSRequestType checkOptionsRequestType(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(HttpHeader.ACCESS_CONTROL_REQUEST_METHOD.getCode());
        return (header == null || header.isEmpty()) ? header != null ? CORSRequestType.INVALID_CORS : CORSRequestType.ACTUAL : CORSRequestType.PRE_FLIGHT;
    }

    private boolean isOriginAllowed(String str) {
        return this.anyOriginAllowed || this.allowedOrigins.contains(str);
    }

    private void parseAndStore(HttpServletRequest httpServletRequest) {
        WJeeProperties.WebContext.CorsSetting.RoutingCors resolveSingleRoutingCors = this.webContext.getCors().resolveSingleRoutingCors(HttpWebUtils.getRequestURI(httpServletRequest));
        String allowedOrigins = resolveSingleRoutingCors == null ? WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS : resolveSingleRoutingCors.getAllowedOrigins();
        String allowedHttpMethods = resolveSingleRoutingCors == null ? WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS : resolveSingleRoutingCors.getAllowedHttpMethods();
        String allowedHttpHeaders = resolveSingleRoutingCors == null ? WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS : resolveSingleRoutingCors.getAllowedHttpHeaders();
        String allowedExtHttpHeaders = resolveSingleRoutingCors == null ? WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS : resolveSingleRoutingCors.getAllowedExtHttpHeaders();
        String exposedHeaders = resolveSingleRoutingCors == null ? WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS : resolveSingleRoutingCors.getExposedHeaders();
        String supportsCredentials = resolveSingleRoutingCors == null ? WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS : resolveSingleRoutingCors.getSupportsCredentials();
        String preflightMaxAge = resolveSingleRoutingCors == null ? WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS : resolveSingleRoutingCors.getPreflightMaxAge();
        String decorateRequest = resolveSingleRoutingCors == null ? WJeeConstants.Cors.DEFAULT_EXPOSED_HEADERS : resolveSingleRoutingCors.getDecorateRequest();
        if (allowedOrigins != null && StringUtils.equals(allowedOrigins.trim(), WJeeConstants.Cors.DEFAULT_ALLOWED_ORIGINS)) {
            this.anyOriginAllowed = true;
        }
        if (allowedOrigins != null && !StringUtils.equals(allowedOrigins.trim(), WJeeConstants.Cors.DEFAULT_ALLOWED_ORIGINS)) {
            this.anyOriginAllowed = false;
            Set<String> parseStringToSet = parseStringToSet(allowedOrigins);
            this.allowedOrigins.clear();
            this.allowedOrigins.addAll(parseStringToSet);
        }
        if (allowedHttpMethods != null) {
            Set<String> parseStringToSet2 = parseStringToSet(allowedHttpMethods);
            this.allowedHttpMethods.clear();
            this.allowedHttpMethods.addAll(parseStringToSet2);
        }
        if (allowedHttpHeaders != null) {
            Set<String> parseStringToSet3 = parseStringToSet(allowedHttpHeaders);
            HashSet hashSet = new HashSet();
            Iterator<String> it = parseStringToSet3.iterator();
            while (it.hasNext()) {
                hashSet.add(it.next().toLowerCase());
            }
            this.allowedHttpHeaders.clear();
            this.allowedHttpHeaders.addAll(hashSet);
        }
        if (StringUtils.isNotBlank(allowedExtHttpHeaders)) {
            Iterator<String> it2 = parseStringToSet(allowedExtHttpHeaders).iterator();
            while (it2.hasNext()) {
                this.allowedHttpHeaders.add(StringUtils.lowerCase(it2.next()));
            }
        }
        if (exposedHeaders != null) {
            Set<String> parseStringToSet4 = parseStringToSet(exposedHeaders);
            this.exposedHeaders.clear();
            this.exposedHeaders.addAll(parseStringToSet4);
            this.allowedHttpHeaders.addAll(parseStringToSet4);
        }
        if (supportsCredentials != null) {
            this.supportsCredentials = Boolean.parseBoolean(supportsCredentials);
        }
        if (StringUtils.isNumeric(preflightMaxAge)) {
            this.preflightMaxAge = Long.parseLong(preflightMaxAge);
        }
        if (decorateRequest != null) {
            this.decorateRequest = Boolean.parseBoolean(decorateRequest);
        }
    }

    private Set<String> parseStringToSet(String str) {
        String[] strArr = new String[0];
        if (StringUtils.isNotBlank(str)) {
            strArr = str.split(",");
        }
        HashSet hashSet = new HashSet();
        if (strArr.length <= 0) {
            return hashSet;
        }
        for (String str2 : strArr) {
            hashSet.add(str2.trim());
        }
        return hashSet;
    }

    private static boolean isValidOrigin(String str) {
        if (str.contains("%")) {
            return false;
        }
        try {
            return new URI(str).getScheme() != null;
        } catch (URISyntaxException e) {
            return false;
        }
    }
}
