package org.craftercms.engine.util.spring.cors;

import java.beans.ConstructorProperties;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.configuration2.HierarchicalConfiguration;
import org.craftercms.core.util.cache.CacheTemplate;
import org.craftercms.engine.service.context.SiteContext;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;

/* loaded from: input_file:WEB-INF/classes/org/craftercms/engine/util/spring/cors/SiteAwareCorsConfigurationSource.class */
public class SiteAwareCorsConfigurationSource implements CorsConfigurationSource {
    public static final String CACHE_KEY = "-cors-config";
    public static final String CONFIG_KEY = "cors";
    public static final String ENABLE_KEY = "enable";
    public static final String MAX_AGE_KEY = "accessControlMaxAge";
    public static final String ALLOW_ORIGIN_KEY = "accessControlAllowOrigin";
    public static final String ALLOW_METHODS_KEY = "accessControlAllowMethods";
    public static final String ALLOW_HEADERS_KEY = "accessControlAllowHeaders";
    public static final String ALLOW_CREDENTIALS_KEY = "accessControlAllowCredentials";
    public static final long MAX_AGE_DEFAULT = 86400;
    public static final String ALLOW_ORIGIN_DEFAULT = "*";
    public static final String ALLOW_METHODS_DEFAULT = "GET, POST, OPTIONS";
    public static final String ALLOW_HEADERS_DEFAULT = "Content-Type";
    public static final boolean ALLOW_CREDENTIALS_DEFAULT = true;
    protected CacheTemplate cacheTemplate;

    @ConstructorProperties({"cacheTemplate"})
    public SiteAwareCorsConfigurationSource(CacheTemplate cacheTemplate) {
        this.cacheTemplate = cacheTemplate;
    }

    @Override // org.springframework.web.cors.CorsConfigurationSource
    public CorsConfiguration getCorsConfiguration(HttpServletRequest httpServletRequest) {
        SiteContext current = SiteContext.getCurrent();
        return (CorsConfiguration) this.cacheTemplate.getObject(current.getContext(), () -> {
            try {
                HierarchicalConfiguration<?> configurationAt = current.getConfig().configurationAt("cors");
                if (configurationAt != null) {
                    return getConfiguration(configurationAt);
                }
                return null;
            } catch (Exception e) {
                return null;
            }
        }, CACHE_KEY);
    }

    protected CorsConfiguration getConfiguration(HierarchicalConfiguration<?> hierarchicalConfiguration) {
        if (!hierarchicalConfiguration.getBoolean("enable", false)) {
            return null;
        }
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowedOriginPatterns(getOrigins(hierarchicalConfiguration));
        corsConfiguration.setAllowedMethods(getValues(hierarchicalConfiguration, ALLOW_METHODS_KEY, ALLOW_METHODS_DEFAULT));
        corsConfiguration.setAllowedHeaders(getValues(hierarchicalConfiguration, ALLOW_HEADERS_KEY, "Content-Type"));
        corsConfiguration.setMaxAge(Long.valueOf(hierarchicalConfiguration.getLong(MAX_AGE_KEY, 86400L)));
        corsConfiguration.setAllowCredentials(Boolean.valueOf(hierarchicalConfiguration.getBoolean(ALLOW_CREDENTIALS_KEY, true)));
        return corsConfiguration;
    }

    protected List<String> getValues(HierarchicalConfiguration<?> hierarchicalConfiguration, String str, String str2) {
        return (List) Arrays.stream(hierarchicalConfiguration.getString(str, str2).split(",")).map((v0) -> {
            return v0.trim();
        }).collect(Collectors.toList());
    }

    protected List<String> getOrigins(HierarchicalConfiguration<?> hierarchicalConfiguration) {
        return (List) hierarchicalConfiguration.getList(String.class, ALLOW_ORIGIN_KEY, List.of("*")).stream().map((v0) -> {
            return v0.trim();
        }).collect(Collectors.toList());
    }
}
