package io.quarkus.vertx.http.runtime.cors;

import io.vertx.core.Handler;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.http.HttpServerResponse;
import io.vertx.ext.web.RoutingContext;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

/* loaded from: input_file:io/quarkus/vertx/http/runtime/cors/CORSFilter.class */
public class CORSFilter implements Handler<RoutingContext> {
    private static final Pattern COMMA_SEPARATED_SPLIT_REGEX = Pattern.compile("\\s*,\\s*");
    final CORSConfig corsConfig;
    final List<Pattern> allowedOriginsRegex;

    public CORSFilter(CORSConfig cORSConfig) {
        this.corsConfig = cORSConfig;
        this.allowedOriginsRegex = parseAllowedOriginsRegex(this.corsConfig.origins);
    }

    public static boolean isConfiguredWithWildcard(Optional<List<String>> optional) {
        if (optional == null || !optional.isPresent()) {
            return true;
        }
        List<String> list = optional.get();
        return list.isEmpty() || (list.size() == 1 && "*".equals(list.get(0)));
    }

    public static List<Pattern> parseAllowedOriginsRegex(Optional<List<String>> optional) {
        if (optional == null || !optional.isPresent()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (String str : optional.get()) {
            if (str != null && str.startsWith("/") && str.endsWith("/")) {
                arrayList.add(Pattern.compile(str.substring(1, str.length() - 1)));
            }
        }
        return arrayList;
    }

    public static boolean isOriginAllowedByRegex(List<Pattern> list, String str) {
        if (list == null) {
            return false;
        }
        Iterator<Pattern> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().matcher(str).matches()) {
                return true;
            }
        }
        return false;
    }

    private void processRequestedHeaders(HttpServerResponse httpServerResponse, String str) {
        if (isConfiguredWithWildcard(this.corsConfig.headers)) {
            httpServerResponse.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, str);
            return;
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : COMMA_SEPARATED_SPLIT_REGEX.split(str)) {
            arrayList.add(str2.toLowerCase());
        }
        ArrayList arrayList2 = new ArrayList();
        for (String str3 : this.corsConfig.headers.get()) {
            if (arrayList.contains(str3.toLowerCase())) {
                arrayList2.add(str3);
            }
        }
        if (arrayList2.isEmpty()) {
            return;
        }
        httpServerResponse.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, String.join(",", arrayList2));
    }

    private void processMethods(HttpServerResponse httpServerResponse, String str) {
        if (isConfiguredWithWildcard(this.corsConfig.methods)) {
            httpServerResponse.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, str);
            return;
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : COMMA_SEPARATED_SPLIT_REGEX.split(str)) {
            arrayList.add(str2.toLowerCase());
        }
        ArrayList arrayList2 = new ArrayList();
        for (HttpMethod httpMethod : (List) this.corsConfig.methods.get().stream().map(HttpMethod::valueOf).collect(Collectors.toList())) {
            if (arrayList.contains(httpMethod.name().toLowerCase())) {
                arrayList2.add(httpMethod.name());
            }
        }
        if (arrayList2.isEmpty()) {
            return;
        }
        httpServerResponse.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, String.join(",", arrayList2));
    }

    @Override // io.vertx.core.Handler
    public void handle(RoutingContext routingContext) {
        Objects.requireNonNull(this.corsConfig, "CORS config is not set");
        HttpServerRequest request = routingContext.request();
        HttpServerResponse response = routingContext.response();
        String header = request.getHeader(HttpHeaders.ORIGIN);
        if (header == null) {
            routingContext.next();
            return;
        }
        String header2 = request.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD);
        if (header2 != null) {
            processMethods(response, header2);
        }
        String header3 = request.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
        if (header3 != null) {
            processRequestedHeaders(response, header3);
        }
        if (isConfiguredWithWildcard(this.corsConfig.origins) || this.corsConfig.origins.get().contains(header) || isOriginAllowedByRegex(this.allowedOriginsRegex, header)) {
            response.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, header);
        }
        response.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, String.valueOf(this.corsConfig.accessControlAllowCredentials.orElseGet(() -> {
            return Boolean.valueOf(this.corsConfig.origins.isPresent() && this.corsConfig.origins.get().contains(header) && !header.equals("*"));
        }).booleanValue()));
        Optional<List<String>> optional = this.corsConfig.exposedHeaders;
        if (!isConfiguredWithWildcard(optional)) {
            response.headers().set(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, String.join(",", optional.orElse(Collections.emptyList())));
        }
        if (!request.method().equals(HttpMethod.OPTIONS) || (header3 == null && header2 == null)) {
            routingContext.next();
            return;
        }
        if (this.corsConfig.accessControlMaxAge.isPresent()) {
            response.putHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, String.valueOf(this.corsConfig.accessControlMaxAge.get().getSeconds()));
        }
        response.end();
    }
}
