package org.keycloak.theme;

import java.util.Map;
import javax.ws.rs.core.Response;
import org.keycloak.models.BrowserSecurityHeaders;
import org.keycloak.models.RealmModel;

/* loaded from: input_file:org/keycloak/theme/BrowserSecurityHeaderSetup.class */
public class BrowserSecurityHeaderSetup {

    /* loaded from: input_file:org/keycloak/theme/BrowserSecurityHeaderSetup$Options.class */
    public static class Options {
        private String allowedFrameSrc;

        public static Options create() {
            return new Options();
        }

        public Options allowFrameSrc(String str) {
            this.allowedFrameSrc = str;
            return this;
        }

        public Options build() {
            return this;
        }
    }

    public static Response.ResponseBuilder headers(Response.ResponseBuilder responseBuilder, RealmModel realmModel) {
        return headers(responseBuilder, (Map<String, String>) realmModel.getBrowserSecurityHeaders(), (Options) null);
    }

    public static Response.ResponseBuilder headers(Response.ResponseBuilder responseBuilder, RealmModel realmModel, Options options) {
        return headers(responseBuilder, (Map<String, String>) realmModel.getBrowserSecurityHeaders(), options);
    }

    public static Response.ResponseBuilder headers(Response.ResponseBuilder responseBuilder) {
        return headers(responseBuilder, (Map<String, String>) BrowserSecurityHeaders.defaultHeaders, (Options) null);
    }

    private static Response.ResponseBuilder headers(Response.ResponseBuilder responseBuilder, Map<String, String> map, Options options) {
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String str = (String) BrowserSecurityHeaders.headerAttributeMap.get(entry.getKey());
            String value = entry.getValue();
            if (options != null && str.equals("Content-Security-Policy") && value.equals("frame-src 'self'; frame-ancestors 'self'; object-src 'none';") && options.allowedFrameSrc != null) {
                value = "frame-src " + options.allowedFrameSrc + "; frame-ancestors 'self'; object-src 'none';";
            }
            if (str != null && value != null && !value.isEmpty()) {
                responseBuilder.header(str, value);
            }
        }
        return responseBuilder;
    }
}
