package io.apiman.plugins.httpsecuritypolicy;

import io.apiman.gateway.engine.beans.ServiceRequest;
import io.apiman.gateway.engine.beans.ServiceResponse;
import io.apiman.gateway.engine.policies.AbstractMappedPolicy;
import io.apiman.gateway.engine.policy.IPolicyChain;
import io.apiman.gateway.engine.policy.IPolicyContext;
import io.apiman.plugins.httpsecuritypolicy.beans.ContentSecurityPolicyBean;
import io.apiman.plugins.httpsecuritypolicy.beans.HttpSecurityBean;
import java.util.Map;

/* loaded from: input_file:WEB-INF/classes/io/apiman/plugins/httpsecuritypolicy/HttpSecurityPolicy.class */
public class HttpSecurityPolicy extends AbstractMappedPolicy<HttpSecurityBean> {
    protected Class<HttpSecurityBean> getConfigurationClass() {
        return HttpSecurityBean.class;
    }

    protected void doApply(ServiceRequest serviceRequest, IPolicyContext iPolicyContext, HttpSecurityBean httpSecurityBean, IPolicyChain<ServiceRequest> iPolicyChain) {
        iPolicyChain.doApply(serviceRequest);
    }

    protected void doApply(ServiceResponse serviceResponse, IPolicyContext iPolicyContext, HttpSecurityBean httpSecurityBean, IPolicyChain<ServiceResponse> iPolicyChain) {
        setSecurityHeaders(httpSecurityBean, serviceResponse.getHeaders());
        iPolicyChain.doApply(serviceResponse);
    }

    private void setSecurityHeaders(HttpSecurityBean httpSecurityBean, Map<String, String> map) {
        if (httpSecurityBean.getHsts().getEnabled().booleanValue()) {
            map.put("Strict-Transport-Security", httpSecurityBean.getHsts().getHeaderValue());
        }
        if (httpSecurityBean.getFrameOptions() != HttpSecurityBean.FrameOptions.DISABLED) {
            map.put("X-Frame-Options", httpSecurityBean.getFrameOptions().toString());
        }
        if (httpSecurityBean.getXssProtection() != HttpSecurityBean.XssProtection.DISABLED) {
            map.put("X-XSS-Protection", httpSecurityBean.getXssProtection().toString());
        }
        if (httpSecurityBean.getContentTypeOptions().booleanValue()) {
            map.put("X-Content-Type-Options", "nosniff");
        }
        ContentSecurityPolicyBean contentSecurityPolicy = httpSecurityBean.getContentSecurityPolicy();
        if (contentSecurityPolicy.getMode() != ContentSecurityPolicyBean.Mode.DISABLED) {
            if (contentSecurityPolicy.getMode() == ContentSecurityPolicyBean.Mode.ENABLED) {
                map.put("Content-Security-Policy", contentSecurityPolicy.getCsp());
            }
            if (contentSecurityPolicy.getMode() == ContentSecurityPolicyBean.Mode.REPORT_ONLY) {
                map.put("Content-Security-Policy-Report-Only", contentSecurityPolicy.getCsp());
            }
        }
    }

    protected /* bridge */ /* synthetic */ void doApply(ServiceResponse serviceResponse, IPolicyContext iPolicyContext, Object obj, IPolicyChain iPolicyChain) {
        doApply(serviceResponse, iPolicyContext, (HttpSecurityBean) obj, (IPolicyChain<ServiceResponse>) iPolicyChain);
    }

    protected /* bridge */ /* synthetic */ void doApply(ServiceRequest serviceRequest, IPolicyContext iPolicyContext, Object obj, IPolicyChain iPolicyChain) {
        doApply(serviceRequest, iPolicyContext, (HttpSecurityBean) obj, (IPolicyChain<ServiceRequest>) iPolicyChain);
    }
}
