package org.mycore.restapi;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.annotation.Priority;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MultivaluedMap;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.mycore.restapi.annotations.MCRAccessControlExposeHeaders;

@Priority(999)
/* loaded from: input_file:org/mycore/restapi/MCRCORSResponseFilter.class */
public class MCRCORSResponseFilter implements ContainerResponseFilter {
    private static final Logger LOGGER = LogManager.getLogger();
    private static final String ORIGIN = "Origin";
    private static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
    private static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
    private static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers";
    private static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
    private static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers";
    private static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
    private static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age";

    @Context
    ResourceInfo resourceInfo;

    private static boolean handlePreFlight(ContainerRequestContext containerRequestContext, MultivaluedMap<String, Object> multivaluedMap) {
        if (!containerRequestContext.getMethod().equals("OPTIONS")) {
            return false;
        }
        multivaluedMap.putSingle(ACCESS_CONTROL_ALLOW_METHODS, multivaluedMap.getFirst("Allow"));
        String headerString = containerRequestContext.getHeaderString(ACCESS_CONTROL_REQUEST_HEADERS);
        if (headerString != null) {
            multivaluedMap.putSingle(ACCESS_CONTROL_ALLOW_HEADERS, headerString);
        }
        multivaluedMap.putSingle(ACCESS_CONTROL_MAX_AGE, Long.valueOf(TimeUnit.DAYS.toSeconds(1L)));
        return true;
    }

    public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException {
        LOGGER.debug("Request-Header: {}", containerRequestContext.getHeaders());
        String headerString = containerRequestContext.getHeaderString(ORIGIN);
        if (headerString == null) {
            return;
        }
        boolean z = containerRequestContext.getSecurityContext().getAuthenticationScheme() != null;
        MultivaluedMap headers = containerResponseContext.getHeaders();
        if (z) {
            headers.putSingle(ACCESS_CONTROL_ALLOW_CREDENTIALS, true);
        }
        headers.putSingle(ACCESS_CONTROL_ALLOW_ORIGIN, z ? headerString : "*");
        if (!handlePreFlight(containerRequestContext, headers)) {
            ArrayList arrayList = new ArrayList();
            if (z && headers.getFirst("Authorization") != null) {
                arrayList.add("Authorization");
            }
            Stream stream = (Stream) Optional.ofNullable((MCRAccessControlExposeHeaders) this.resourceInfo.getResourceMethod().getAnnotation(MCRAccessControlExposeHeaders.class)).map((v0) -> {
                return v0.value();
            }).map((v0) -> {
                return Stream.of(v0);
            }).orElse(Stream.empty());
            Objects.requireNonNull(arrayList);
            stream.forEach((v1) -> {
                r1.add(v1);
            });
            if (!arrayList.isEmpty()) {
                headers.putSingle(ACCESS_CONTROL_EXPOSE_HEADERS, arrayList.stream().collect(Collectors.joining(",")));
            }
        }
        if (!"*".equals(headers.getFirst(ACCESS_CONTROL_ALLOW_ORIGIN))) {
            headers.putSingle("Vary", (String) Stream.concat(Stream.of(ORIGIN), ((List) headers.getOrDefault("Vary", Collections.emptyList())).stream().map((v0) -> {
                return v0.toString();
            }).flatMap(str -> {
                return Stream.of((Object[]) str.split(","));
            }).map((v0) -> {
                return v0.trim();
            })).distinct().collect(Collectors.joining(",")));
        }
        LOGGER.debug("Response-Header: {}", headers);
    }
}
