package org.jboss.as.domain.http.server;

import java.io.IOException;
import org.jboss.as.controller.ControlledProcessState;
import org.jboss.as.controller.ControlledProcessStateService;
import org.jboss.as.domain.http.server.security.SubjectAssociationHandler;
import org.jboss.com.sun.net.httpserver.Headers;
import org.jboss.com.sun.net.httpserver.HttpExchange;
import org.jboss.com.sun.net.httpserver.HttpHandler;
import org.jboss.com.sun.net.httpserver.HttpsServer;

/* loaded from: input_file:org/jboss/as/domain/http/server/DomainApiCheckHandler.class */
public class DomainApiCheckHandler implements HttpHandler {
    private final ControlledProcessStateService controlledProcessStateService;
    private final HttpHandler wrapped;

    public DomainApiCheckHandler(HttpHandler httpHandler, ControlledProcessStateService controlledProcessStateService) {
        this.controlledProcessStateService = controlledProcessStateService;
        this.wrapped = new SubjectAssociationHandler(httpHandler);
    }

    public void handle(HttpExchange httpExchange) throws IOException {
        if (commonChecks(httpExchange)) {
            this.wrapped.handle(httpExchange);
        }
    }

    protected boolean commonChecks(HttpExchange httpExchange) throws IOException {
        ControlledProcessState.State currentState = this.controlledProcessStateService.getCurrentState();
        if (currentState == ControlledProcessState.State.STARTING || currentState == ControlledProcessState.State.STOPPING) {
            httpExchange.getResponseHeaders().add(Constants.RETRY_AFTER, "2");
            httpExchange.sendResponseHeaders(Constants.SERVICE_UNAVAILABLE, -1L);
            return false;
        }
        if (Constants.OPTIONS.equals(httpExchange.getRequestMethod())) {
            drain(httpExchange);
            HttpServerLogger.ROOT_LOGGER.debug("Request rejected due to 'OPTIONS' method which is not supported.");
            httpExchange.sendResponseHeaders(Constants.METHOD_NOT_ALLOWED, -1L);
            return false;
        }
        Headers requestHeaders = httpExchange.getRequestHeaders();
        if (!requestHeaders.containsKey(Constants.ORIGIN)) {
            return true;
        }
        if (requestHeaders.getFirst(Constants.ORIGIN).equals((httpExchange.getHttpContext().getServer() instanceof HttpsServer ? Constants.HTTPS : Constants.HTTP) + "://" + requestHeaders.getFirst(Constants.HOST))) {
            return true;
        }
        drain(httpExchange);
        HttpServerLogger.ROOT_LOGGER.debug("Request rejected due to HOST/ORIGIN mis-match.");
        httpExchange.sendResponseHeaders(Constants.FORBIDDEN, -1L);
        return false;
    }

    static void drain(HttpExchange httpExchange) throws IOException {
        try {
            httpExchange.getRequestBody().close();
        } catch (IOException e) {
        }
    }
}
