package org.uberfire.ext.security.server;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jboss.weld.environment.util.URLUtils;

/* loaded from: input_file:WEB-INF/lib/uberfire-servlet-security-1.0.0.CR3.jar:org/uberfire/ext/security/server/SecureHeadersFilter.class */
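/**
 * Servlet filter that adds a small set of defensive response headers
 * (redirect {@code Location}, {@code X-Frame-Options}, {@code X-XSS-Protection}
 * and, on HTTPS requests only, {@code Strict-Transport-Security}).
 *
 * <p>Values come from a {@link SecureHeadersConfig} built from the filter's
 * {@link FilterConfig} in {@link #init(FilterConfig)}. Each header is written
 * only when the configuration supplies a value and the response does not
 * already carry a non-blank one.
 *
 * <p>Review notes for operators:
 * <ul>
 *   <li>Headers are applied <em>before</em> the rest of the chain runs, so the
 *       "already present" check only sees headers set by earlier filters, and
 *       anything downstream can still overwrite what is set here.</li>
 *   <li>{@code X-XSS-Protection} is a legacy header that current browsers no
 *       longer act on, and {@code X-Frame-Options} is superseded by the CSP
 *       {@code frame-ancestors} directive. This filter sets neither a
 *       Content-Security-Policy nor {@code X-Content-Type-Options}; those need
 *       to be provided elsewhere.</li>
 *   <li>The configuration is held in a static field, so it is shared by every
 *       instance of this filter in the class loader: the most recent
 *       {@code init} call wins.</li>
 * </ul>
 */
public class SecureHeadersFilter implements Filter {
    public static final String LOCATION = "Location";
    public static final String STRICT_TRANSPORT_SECURITY = "Strict-Transport-Security";
    public static final String X_FRAME_OPTIONS = "X-FRAME-OPTIONS";
    public static final String X_XSS_OPTIONS = "X-XSS-Protection";

    // Shared by all filter instances; stays null until init() has run once.
    private static SecureHeadersConfig config;

    /**
     * Applies the configured headers to {@code httpServletResponse}.
     *
     * <p>Does nothing when the filter has not been initialised. The HSTS header
     * is only considered when the request scheme is HTTPS, because browsers
     * ignore it on plain-HTTP responses.
     *
     * @param servletRequest      request whose scheme decides whether HSTS is sent
     * @param httpServletResponse response that receives the headers
     */
    public static void applyHeaders(ServletRequest servletRequest, HttpServletResponse httpServletResponse) {
        if (config == null) {
            return;
        }
        addLocation(httpServletResponse);
        addFrameOptions(httpServletResponse);
        addXSSOptions(httpServletResponse);
        // Constant-first comparison: a null scheme skips HSTS instead of throwing.
        // NOTE(review): the Weld constant looks like a decompiler substitution for
        // the literal "https" - confirm against the original source.
        // NOTE(review): getScheme() is the scheme as the container sees it. Behind a
        // TLS-terminating proxy it is likely "http" unless the container is set up to
        // honour the forwarded protocol, in which case HSTS is never emitted - verify
        // in the deployed topology.
        if (URLUtils.PROCOTOL_HTTPS.equals(servletRequest.getScheme())) {
            addStrictTransportSecurity(httpServletResponse);
        }
    }

    /**
     * Sets {@code Strict-Transport-Security} from the configured max-age value
     * unless a non-blank value is already present. The configured string is
     * written verbatim as the header value.
     */
    private static void addStrictTransportSecurity(HttpServletResponse httpServletResponse) {
        if (config.hasMaxAge() && empty(httpServletResponse.getHeader(STRICT_TRANSPORT_SECURITY))) {
            // setHeader (not addHeader) so a pre-existing blank value is replaced
            // rather than left in place next to a second header line.
            httpServletResponse.setHeader(STRICT_TRANSPORT_SECURITY, config.getMaxAge());
        }
    }

    /**
     * Sets {@code X-Frame-Options} from configuration unless a non-blank value
     * is already present.
     */
    private static void addFrameOptions(HttpServletResponse httpServletResponse) {
        if (config.hasFrameOptions() && empty(httpServletResponse.getHeader(X_FRAME_OPTIONS))) {
            httpServletResponse.setHeader(X_FRAME_OPTIONS, config.getFrameOptions());
        }
    }

    /**
     * Turns the response into a permanent redirect to the configured location
     * unless a non-blank {@code Location} header is already present.
     *
     * <p>The target comes from configuration, not from the request. Note that the
     * caller still runs the remainder of the filter chain after this, so
     * downstream code may write a body or change the status.
     */
    private static void addLocation(HttpServletResponse httpServletResponse) {
        if (config.hasLocation() && empty(httpServletResponse.getHeader(LOCATION))) {
            httpServletResponse.setHeader(LOCATION, config.getLocation());
            httpServletResponse.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
        }
    }

    /**
     * Sets {@code X-XSS-Protection} from configuration unless a non-blank value
     * is already present.
     */
    private static void addXSSOptions(HttpServletResponse httpServletResponse) {
        if (config.hasXSSOptions() && empty(httpServletResponse.getHeader(X_XSS_OPTIONS))) {
            httpServletResponse.setHeader(X_XSS_OPTIONS, config.getXssOptions());
        }
    }

    /** Returns {@code true} when {@code str} is null or contains only whitespace. */
    private static boolean empty(String str) {
        return str == null || str.trim().isEmpty();
    }

    /**
     * Builds the shared header configuration from this filter's configuration.
     *
     * @param filterConfig container-supplied filter configuration
     * @throws ServletException declared by the {@link Filter} contract
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        config = new SecureHeadersConfig(filterConfig);
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }

    /**
     * Applies the security headers and then continues the filter chain.
     *
     * <p>Non-HTTP requests or responses are passed through untouched instead of
     * failing with a {@link ClassCastException}.
     *
     * @throws IOException      propagated from the rest of the chain
     * @throws ServletException propagated from the rest of the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        applyHeaders(httpServletRequest, httpServletResponse);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}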
