package org.jboss.as.domain.http.server;

import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.BlockingHandler;
import io.undertow.server.handlers.encoding.EncodingHandler;
import io.undertow.util.Headers;
import io.undertow.util.HttpString;
import io.undertow.util.Methods;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import org.jboss.as.controller.ControlledProcessState;
import org.jboss.as.controller.ControlledProcessStateService;
import org.jboss.as.controller.ModelController;
import org.jboss.as.domain.http.server.cors.CorsUtil;
import org.jboss.as.domain.http.server.logging.HttpServerLogger;
import org.jboss.as.domain.http.server.security.SubjectDoAsHandler;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/jboss/as/domain/http/server/DomainApiCheckHandler.class */
public class DomainApiCheckHandler implements HttpHandler {
    static String PATH = "/management";
    private static final String GENERIC_CONTENT_REQUEST = PATH + "-upload";
    private static final String ADD_CONTENT_REQUEST = PATH + "/add-content";
    private final ControlledProcessStateService controlledProcessStateService;
    private final HttpHandler domainApiHandler;
    private final HttpHandler addContentHandler;
    private final HttpHandler genericOperationHandler;
    private final Collection<String> allowedOrigins = new ArrayList();

    /* JADX INFO: Access modifiers changed from: package-private */
    public DomainApiCheckHandler(ModelController modelController, ControlledProcessStateService controlledProcessStateService, Collection<String> collection) {
        this.controlledProcessStateService = controlledProcessStateService;
        this.domainApiHandler = new BlockingHandler(new SubjectDoAsHandler(new EncodingHandler.Builder().build(Collections.emptyMap()).wrap(new DomainApiHandler(modelController))));
        this.addContentHandler = new BlockingHandler(new SubjectDoAsHandler(new DomainApiUploadHandler(modelController)));
        this.genericOperationHandler = new BlockingHandler(new SubjectDoAsHandler(new EncodingHandler.Builder().build(Collections.emptyMap()).wrap(new DomainApiGenericOperationHandler(modelController))));
        if (collection != null) {
            Iterator<String> it = collection.iterator();
            while (it.hasNext()) {
                this.allowedOrigins.add(CorsUtil.sanitizeDefaultPort(it.next()));
            }
        }
    }

    @Override // io.undertow.server.HttpHandler
    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        if (commonChecks(httpServerExchange)) {
            if (Methods.POST.equals(httpServerExchange.getRequestMethod())) {
                boolean equals = ADD_CONTENT_REQUEST.equals(httpServerExchange.getRequestPath());
                boolean equals2 = GENERIC_CONTENT_REQUEST.equals(httpServerExchange.getRequestPath());
                if (equals) {
                    this.addContentHandler.handleRequest(httpServerExchange);
                    return;
                } else if (equals2) {
                    this.genericOperationHandler.handleRequest(httpServerExchange);
                    return;
                } else if (!checkPostContentType(httpServerExchange)) {
                    return;
                }
            }
            this.domainApiHandler.handleRequest(httpServerExchange);
        }
    }

    private boolean checkPostContentType(HttpServerExchange httpServerExchange) throws Exception {
        String extractContentType = extractContentType(httpServerExchange.getRequestHeaders().getFirst(Headers.CONTENT_TYPE));
        if ("application/json".equals(extractContentType) || "application/dmr-encoded".equals(extractContentType)) {
            return true;
        }
        HttpServerLogger.ROOT_LOGGER.debug("Request rejected due to unsupported media type - should be one of (application/json,application/dmr-encoded).");
        Common.UNSUPPORTED_MEDIA_TYPE.handleRequest(httpServerExchange);
        return false;
    }

    private String extractContentType(String str) {
        if (str == null) {
            return "";
        }
        int indexOf = str.indexOf(59);
        return indexOf < 0 ? str : str.substring(0, indexOf).trim();
    }

    private boolean commonChecks(HttpServerExchange httpServerExchange) throws Exception {
        ControlledProcessState.State currentState = this.controlledProcessStateService.getCurrentState();
        if (currentState == ControlledProcessState.State.STARTING || currentState == ControlledProcessState.State.STOPPING) {
            httpServerExchange.getResponseHeaders().add(Headers.RETRY_AFTER, "2");
            Common.SERVICE_UNAVAIABLE.handleRequest(httpServerExchange);
            return false;
        }
        HttpString requestMethod = httpServerExchange.getRequestMethod();
        if (Methods.POST.equals(requestMethod) || Methods.GET.equals(requestMethod)) {
            return (httpServerExchange.getRequestHeaders().contains(Headers.ORIGIN) && CorsUtil.matchOrigin(httpServerExchange, this.allowedOrigins) == null) ? false : true;
        }
        if (Methods.OPTIONS.equals(requestMethod)) {
            HttpServerLogger.ROOT_LOGGER.debug("Request rejected due to 'OPTIONS' method which is not supported.");
        } else {
            HttpServerLogger.ROOT_LOGGER.debug("Request rejected as method not one of (GET,POST).");
        }
        Common.METHOD_NOT_ALLOWED_HANDLER.handleRequest(httpServerExchange);
        return false;
    }
}
