package org.jboss.as.domain.http.server.cors;

import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.ResponseCodeHandler;
import io.undertow.server.handlers.builder.PredicatedHandlersParser;
import io.undertow.util.HeaderMap;
import io.undertow.util.HeaderValues;
import io.undertow.util.Headers;
import io.undertow.util.Methods;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;

/* loaded from: input_file:org/jboss/as/domain/http/server/cors/CorsHttpHandler.class */
public class CorsHttpHandler implements HttpHandler {
    private final HttpHandler next;
    private final Collection<String> allowedOrigins = new ArrayList();
    private static final long ONE_HOUR_IN_SECONDS = 3600;

    public CorsHttpHandler(HttpHandler httpHandler, Collection<String> collection) {
        this.next = httpHandler;
        if (collection != null) {
            Iterator<String> it = collection.iterator();
            while (it.hasNext()) {
                this.allowedOrigins.add(CorsUtil.sanitizeDefaultPort(it.next()));
            }
        }
    }

    @Override // io.undertow.server.HttpHandler
    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        if (CorsUtil.isCoreRequest(httpServerExchange.getRequestHeaders())) {
            if (CorsUtil.isPreflightedRequest(httpServerExchange)) {
                handlePreflightRequest(httpServerExchange);
                return;
            }
            setCorsResponseHeaders(httpServerExchange);
        }
        this.next.handleRequest(httpServerExchange);
    }

    private void handlePreflightRequest(HttpServerExchange httpServerExchange) throws Exception {
        setCorsResponseHeaders(httpServerExchange);
        ResponseCodeHandler.HANDLE_200.handleRequest(httpServerExchange);
    }

    private void setCorsResponseHeaders(HttpServerExchange httpServerExchange) throws Exception {
        HeaderMap requestHeaders = httpServerExchange.getRequestHeaders();
        if (requestHeaders.contains(Headers.ORIGIN) && CorsUtil.matchOrigin(httpServerExchange, this.allowedOrigins) != null) {
            httpServerExchange.getResponseHeaders().addAll(CorsHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.get(Headers.ORIGIN));
        }
        HeaderValues headerValues = requestHeaders.get(CorsHeaders.ACCESS_CONTROL_REQUEST_METHOD);
        if (headerValues == null || headerValues.isEmpty()) {
            httpServerExchange.getResponseHeaders().addAll(CorsHeaders.ACCESS_CONTROL_ALLOW_METHODS, Arrays.asList(Methods.GET_STRING, Methods.POST_STRING));
        } else {
            httpServerExchange.getResponseHeaders().addAll(CorsHeaders.ACCESS_CONTROL_ALLOW_METHODS, headerValues);
        }
        HeaderValues headerValues2 = requestHeaders.get(CorsHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
        if (headerValues2 == null || headerValues2.isEmpty()) {
            httpServerExchange.getResponseHeaders().add(CorsHeaders.ACCESS_CONTROL_ALLOW_HEADERS, Headers.CONTENT_TYPE_STRING);
            httpServerExchange.getResponseHeaders().add(CorsHeaders.ACCESS_CONTROL_ALLOW_HEADERS, Headers.WWW_AUTHENTICATE_STRING);
            httpServerExchange.getResponseHeaders().add(CorsHeaders.ACCESS_CONTROL_ALLOW_HEADERS, Headers.AUTHORIZATION_STRING);
        } else {
            httpServerExchange.getResponseHeaders().addAll(CorsHeaders.ACCESS_CONTROL_ALLOW_HEADERS, headerValues2);
        }
        httpServerExchange.getResponseHeaders().add(CorsHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, PredicatedHandlersParser.TRUE);
        httpServerExchange.getResponseHeaders().add(CorsHeaders.ACCESS_CONTROL_MAX_AGE, ONE_HOUR_IN_SECONDS);
    }
}
