package net.sourceforge.jbizmo.commons.rest.filters;

import jakarta.annotation.PostConstruct;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
import jakarta.ws.rs.container.ContainerResponseContext;
import jakarta.ws.rs.container.ContainerResponseFilter;
import jakarta.ws.rs.container.PreMatching;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.ext.Provider;
import java.io.IOException;
import net.sourceforge.jbizmo.commons.property.PropertyService;

@PreMatching
@Provider
/* loaded from: input_file:net/sourceforge/jbizmo/commons/rest/filters/CORSFilter.class */
public class CORSFilter implements ContainerResponseFilter, ContainerRequestFilter {
    private static final String PROP_ACCESS_CONTROL_ORIGIN = "jbizmo.application.rest.access-control-origin";
    private static final String PROP_ACCESS_CONTROL_HEADERS = "jbizmo.application.rest.access-control-headers";
    private static final String PROP_ACCESS_CONTROL_MAX_AGE = "jbizmo.application.rest.access-control-max-age";
    private static final String PROP_ACCESS_CONTROL_METHODS = "jbizmo.application.rest.access-control-methods";
    private static final String HTTP_HEADER_ORIGIN = "Origin";
    private static final String HTTP_HEADER_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
    private static final String HTTP_HEADER_ALLOW_HEADERS = "Access-Control-Allow-Headers";
    private static final String HTTP_HEADER_ALLOW_METHODS = "Access-Control-Allow-Methods";
    private static final String HTTP_HEADER_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
    private static final String HTTP_HEADER_MAX_AGE = "Access-Control-Max-Age";
    private String accessControlOrigin;
    private String accessControlHeaders;
    private String accessControlMethods;
    private long accessControlMaxAge;

    @PostConstruct
    public void init() {
        PropertyService propertyService = new PropertyService();
        this.accessControlOrigin = propertyService.getStringProperty(PROP_ACCESS_CONTROL_ORIGIN);
        this.accessControlHeaders = propertyService.getStringProperty(PROP_ACCESS_CONTROL_HEADERS);
        this.accessControlMethods = propertyService.getStringProperty(PROP_ACCESS_CONTROL_METHODS);
        this.accessControlMaxAge = propertyService.getLongProperty(PROP_ACCESS_CONTROL_MAX_AGE);
    }

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (isPreflightRequest(containerRequestContext)) {
            containerRequestContext.abortWith(Response.ok().build());
        }
    }

    public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException {
        if (containerRequestContext.getHeaderString(HTTP_HEADER_ORIGIN) == null) {
            return;
        }
        if (isPreflightRequest(containerRequestContext)) {
            addResponseHeader(containerResponseContext, HTTP_HEADER_ALLOW_CREDENTIALS, Boolean.TRUE.toString());
            addResponseHeader(containerResponseContext, HTTP_HEADER_ALLOW_HEADERS, this.accessControlHeaders);
            addResponseHeader(containerResponseContext, HTTP_HEADER_ALLOW_METHODS, this.accessControlMethods);
            addResponseHeader(containerResponseContext, HTTP_HEADER_MAX_AGE, String.valueOf(this.accessControlMaxAge));
        }
        addResponseHeader(containerResponseContext, HTTP_HEADER_ALLOW_ORIGIN, this.accessControlOrigin);
    }

    private boolean isPreflightRequest(ContainerRequestContext containerRequestContext) {
        return containerRequestContext.getHeaderString(HTTP_HEADER_ORIGIN) != null && containerRequestContext.getMethod().equalsIgnoreCase("OPTIONS");
    }

    private void addResponseHeader(ContainerResponseContext containerResponseContext, String str, String str2) {
        if (containerResponseContext.getHeaders().containsKey(str)) {
            return;
        }
        containerResponseContext.getHeaders().add(str, str2);
    }
}
