package org.ballerinalang.net.http;

import io.netty.handler.codec.http.HttpHeaderNames;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeSet;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.ballerinalang.mime.util.Constants;
import org.ballerinalang.net.uri.DispatcherUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.transport.http.netty.message.HTTPCarbonMessage;

/* loaded from: input_file:org/ballerinalang/net/http/CorsHeaderGenerator.class */
public class CorsHeaderGenerator {
    private static final Pattern spacePattern = Pattern.compile(" ");
    private static final Pattern fieldCommaPattern = Pattern.compile(Constants.COMMA);
    private static final Logger bLog = LoggerFactory.getLogger("ballerina");
    private static final String action = "Failed to process CORS : ";

    public static void process(HTTPCarbonMessage hTTPCarbonMessage, HTTPCarbonMessage hTTPCarbonMessage2, boolean z) {
        Map<String, String> map;
        boolean z2 = false;
        if (z) {
            CorsHeaders corsHeaders = (CorsHeaders) hTTPCarbonMessage.getProperty(HttpConstants.RESOURCES_CORS);
            String header = hTTPCarbonMessage.getHeader(HttpHeaderNames.ORIGIN.toString());
            if (header == null || !corsHeaders.isAvailable()) {
                return;
            }
            Map<String, String> processSimpleRequest = processSimpleRequest(header, corsHeaders);
            map = processSimpleRequest;
            if (processSimpleRequest != null) {
                z2 = true;
            }
        } else {
            String header2 = hTTPCarbonMessage.getHeader(HttpHeaderNames.ORIGIN.toString());
            if (header2 == null) {
                return;
            }
            Map<String, String> processPreflightRequest = processPreflightRequest(header2, hTTPCarbonMessage);
            map = processPreflightRequest;
            if (processPreflightRequest != null) {
                z2 = true;
            }
        }
        if (z2) {
            map.entrySet().stream().forEach(entry -> {
                hTTPCarbonMessage2.setHeader((String) entry.getKey(), (String) entry.getValue());
            });
            hTTPCarbonMessage2.removeHeader(HttpHeaderNames.ALLOW.toString());
        }
    }

    private static Map<String, String> processSimpleRequest(String str, CorsHeaders corsHeaders) {
        HashMap hashMap = new HashMap();
        List<String> originValues = getOriginValues(str);
        if (originValues == null || originValues.size() == 0) {
            bLog.info("Failed to process CORS : origin header field parsing failed");
            return null;
        }
        if (!isEffectiveOrigin(originValues, corsHeaders.getAllowOrigins())) {
            bLog.info("Failed to process CORS : not allowed origin");
            return null;
        }
        setAllowOriginAndCredentials(originValues, corsHeaders, hashMap);
        setExposedAllowedHeaders(corsHeaders, hashMap);
        return hashMap;
    }

    private static Map<String, String> processPreflightRequest(String str, HTTPCarbonMessage hTTPCarbonMessage) {
        HashMap hashMap = new HashMap();
        List<String> originValues = getOriginValues(str);
        if (originValues == null || originValues.size() != 1) {
            bLog.info("Failed to process CORS : origin header field parsing failed");
            return null;
        }
        String str2 = originValues.get(0);
        List<String> headerValues = getHeaderValues(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), hTTPCarbonMessage);
        if (headerValues == null || headerValues.size() != 1) {
            bLog.info(action + (headerValues == null ? "Access-Control-Request-Method header is unavailable" : "Access-Control-Request-Method header value must be single-valued"));
            return null;
        }
        String str3 = headerValues.get(0);
        CorsHeaders resourceCors = getResourceCors(hTTPCarbonMessage, str3);
        if (resourceCors == null || !resourceCors.isAvailable()) {
            bLog.info(action + (resourceCors == null ? "access control request method not allowed" : "CORS headers not declared properly"));
            return null;
        }
        if (!isEffectiveMethod(str3, resourceCors.getAllowMethods())) {
            bLog.info("Failed to process CORS : access control request method not allowed");
            return null;
        }
        if (!isEffectiveOrigin(Arrays.asList(str2), resourceCors.getAllowOrigins())) {
            bLog.info("Failed to process CORS : origin not allowed");
            return null;
        }
        List<String> headerValues2 = getHeaderValues(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), hTTPCarbonMessage);
        if (!isEffectiveHeader(headerValues2, resourceCors.getAllowHeaders())) {
            bLog.info("Failed to process CORS : header field parsing failed");
            return null;
        }
        setAllowOriginAndCredentials(Arrays.asList(str2), resourceCors, hashMap);
        hashMap.put(HttpHeaderNames.ACCESS_CONTROL_ALLOW_METHODS.toString(), str3);
        if (headerValues2 != null) {
            hashMap.put(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS.toString(), DispatcherUtil.concatValues(headerValues2, false));
        }
        hashMap.put(HttpHeaderNames.ACCESS_CONTROL_MAX_AGE.toString(), String.valueOf(resourceCors.getMaxAge()));
        return hashMap;
    }

    private static boolean isEffectiveOrigin(List<String> list, List<String> list2) {
        if (list2.size() == 1 && list2.get(0).equals("*")) {
            return true;
        }
        return list2.containsAll(list);
    }

    private static boolean isEffectiveHeader(List<String> list, List<String> list2) {
        if (list2 == null || list == null) {
            return true;
        }
        TreeSet treeSet = new TreeSet(String.CASE_INSENSITIVE_ORDER);
        treeSet.addAll(list2);
        return treeSet.containsAll(list);
    }

    private static boolean isEffectiveMethod(String str, List<String> list) {
        if (list.size() == 1 && list.get(0).equals("*")) {
            return true;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (str.equals(it.next())) {
                return true;
            }
        }
        return false;
    }

    private static CorsHeaders getResourceCors(HTTPCarbonMessage hTTPCarbonMessage, String str) {
        List<HttpResource> list = (List) hTTPCarbonMessage.getProperty(HttpConstants.PREFLIGHT_RESOURCES);
        if (list == null) {
            return null;
        }
        for (HttpResource httpResource : list) {
            if (httpResource.getMethods() != null && httpResource.getMethods().contains(str)) {
                return httpResource.getCorsHeaders();
            }
        }
        if (!str.equals("HEAD")) {
            return null;
        }
        for (HttpResource httpResource2 : list) {
            if (httpResource2.getMethods() != null && httpResource2.getMethods().contains("GET")) {
                return httpResource2.getCorsHeaders();
            }
        }
        return null;
    }

    private static List<String> getHeaderValues(String str, HTTPCarbonMessage hTTPCarbonMessage) {
        String header = hTTPCarbonMessage.getHeader(str);
        if (header != null) {
            return (List) Arrays.stream(fieldCommaPattern.split(header)).collect(Collectors.toList());
        }
        return null;
    }

    private static void setExposedAllowedHeaders(CorsHeaders corsHeaders, Map<String, String> map) {
        List<String> exposeHeaders = corsHeaders.getExposeHeaders();
        if (exposeHeaders == null) {
            return;
        }
        String concatValues = DispatcherUtil.concatValues(exposeHeaders, false);
        if (concatValues.isEmpty()) {
            return;
        }
        map.put(HttpHeaderNames.ACCESS_CONTROL_EXPOSE_HEADERS.toString(), concatValues);
    }

    private static void setAllowOriginAndCredentials(List<String> list, CorsHeaders corsHeaders, Map<String, String> map) {
        if (corsHeaders.getAllowCredentials() == 1) {
            map.put(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS.toString(), String.valueOf(true));
        }
        map.put(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString(), DispatcherUtil.concatValues(list, true));
    }

    private static List<String> getOriginValues(String str) {
        return (List) Arrays.stream(spacePattern.split(str)).filter(str2 -> {
            return str2.contains(org.wso2.transport.http.netty.common.Constants.URL_AUTHORITY);
        }).collect(Collectors.toList());
    }
}
