package cc.shacocloud.mirage.restful.cors;

import cc.shacocloud.mirage.restful.HttpRequest;
import cc.shacocloud.mirage.restful.HttpResponse;
import cc.shacocloud.mirage.restful.http.HttpHeaderMap;
import cc.shacocloud.mirage.restful.util.CorsUtils;
import cc.shacocloud.mirage.utils.LogFormatUtils;
import cc.shacocloud.mirage.utils.collection.CollUtil;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.util.AsciiString;
import io.vertx.core.Future;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.http.HttpMethod;
import java.util.ArrayList;
import java.util.List;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cc/shacocloud/mirage/restful/cors/DefaultCorsProcessor.class */
public class DefaultCorsProcessor implements CorsProcessor {
    private static final Logger log = LoggerFactory.getLogger(DefaultCorsProcessor.class);
    public static final AsciiString VARY = AsciiString.cached("Vary");

    @Override // cc.shacocloud.mirage.restful.cors.CorsProcessor
    public Future<Boolean> processRequest(@Nullable CorsConfiguration corsConfiguration, HttpRequest httpRequest, HttpResponse httpResponse) {
        HttpHeaderMap headers = httpResponse.headers();
        List<String> all = headers.getAll((CharSequence) VARY);
        if (all.contains(HttpHeaders.ORIGIN.toString())) {
            headers.add((CharSequence) VARY, HttpHeaders.ORIGIN);
        }
        if (!all.contains(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD.toString())) {
            headers.add((CharSequence) VARY, HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD);
        }
        if (!all.contains(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS.toString())) {
            headers.add((CharSequence) VARY, HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
        }
        if (!CorsUtils.isCorsRequest(httpRequest)) {
            return Future.succeededFuture(true);
        }
        if (headers.get(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN) != null) {
            LogFormatUtils.traceDebug(log, bool -> {
                return "跳过，响应头已经包含 \"Access-Control-Allow-Origin\"";
            });
            return Future.succeededFuture(true);
        }
        boolean isPreFlightRequest = CorsUtils.isPreFlightRequest(httpRequest);
        if (corsConfiguration != null) {
            return handleInternal(httpRequest, httpResponse, corsConfiguration, isPreFlightRequest);
        }
        if (!isPreFlightRequest) {
            return Future.succeededFuture(true);
        }
        rejectRequest(httpResponse);
        return Future.succeededFuture(false);
    }

    protected Future<Boolean> handleInternal(HttpRequest httpRequest, HttpResponse httpResponse, CorsConfiguration corsConfiguration, boolean z) {
        HttpHeaderMap headers = httpRequest.headers();
        HttpHeaderMap headers2 = httpResponse.headers();
        String origin = headers.getOrigin();
        String checkOrigin = checkOrigin(corsConfiguration, origin);
        if (checkOrigin == null) {
            LogFormatUtils.traceDebug(log, bool -> {
                return "拒绝: 来源 '" + origin + "' 不允许";
            });
            rejectRequest(httpResponse);
            return Future.succeededFuture(false);
        }
        HttpMethod methodToUse = getMethodToUse(httpRequest, z);
        List<HttpMethod> checkMethods = checkMethods(corsConfiguration, methodToUse);
        if (checkMethods == null) {
            LogFormatUtils.traceDebug(log, bool2 -> {
                return "拒绝: HTTP方法 '" + methodToUse + "' 不允许";
            });
            rejectRequest(httpResponse);
            return Future.succeededFuture(false);
        }
        List<String> headersToUse = getHeadersToUse(httpRequest, z);
        List<String> checkHeaders = checkHeaders(corsConfiguration, headersToUse);
        if (z && checkHeaders == null) {
            LogFormatUtils.traceDebug(log, bool3 -> {
                return "拒绝: 请求头 [" + LogFormatUtils.formatValue(headersToUse, !bool3.booleanValue()) + "] 不允许";
            });
            rejectRequest(httpResponse);
            return Future.succeededFuture(false);
        }
        headers2.setAccessControlAllowOrigin(checkOrigin);
        if (z) {
            headers2.setAccessControlAllowMethods(checkMethods);
        }
        if (z && !checkHeaders.isEmpty()) {
            headers2.setAccessControlAllowHeaders(checkHeaders);
        }
        if (CollUtil.isNotEmpty(corsConfiguration.getExposedHeaders())) {
            headers2.setAccessControlExposeHeaders(corsConfiguration.getExposedHeaders());
        }
        if (Boolean.TRUE.equals(corsConfiguration.getAllowCredentials())) {
            headers2.setAccessControlAllowCredentials(true);
        }
        if (z && corsConfiguration.getMaxAge() != null) {
            headers2.setAccessControlMaxAge(corsConfiguration.getMaxAge().longValue());
        }
        return Future.succeededFuture(true);
    }

    protected void rejectRequest(HttpResponse httpResponse) {
        httpResponse.setStatusCode(HttpResponseStatus.FORBIDDEN.code());
        httpResponse.setStatusMessage("Invalid CORS request");
        httpResponse.end();
    }

    @Nullable
    protected List<HttpMethod> checkMethods(CorsConfiguration corsConfiguration, @Nullable HttpMethod httpMethod) {
        return corsConfiguration.checkHttpMethod(httpMethod);
    }

    @Nullable
    protected String checkOrigin(CorsConfiguration corsConfiguration, @Nullable String str) {
        return corsConfiguration.checkOrigin(str);
    }

    @Nullable
    private HttpMethod getMethodToUse(HttpRequest httpRequest, boolean z) {
        return z ? httpRequest.headers().getAccessControlRequestMethod() : httpRequest.method();
    }

    private List<String> getHeadersToUse(HttpRequest httpRequest, boolean z) {
        HttpHeaderMap headers = httpRequest.headers();
        return z ? headers.getAccessControlRequestHeaders() : new ArrayList(headers.keySet());
    }

    @Nullable
    protected List<String> checkHeaders(CorsConfiguration corsConfiguration, List<String> list) {
        return corsConfiguration.checkHeaders(list);
    }
}
