package org.springframework.web.socket.server.support;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.util.Assert;
import org.springframework.web.socket.WebSocketHandler;
import org.springframework.web.socket.server.HandshakeInterceptor;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:org/springframework/web/socket/server/support/OriginHandshakeInterceptor.class */
public class OriginHandshakeInterceptor implements HandshakeInterceptor {
    protected Log logger;
    private final List<String> allowedOrigins;

    public OriginHandshakeInterceptor() {
        this.logger = LogFactory.getLog(getClass());
        this.allowedOrigins = new ArrayList();
    }

    public OriginHandshakeInterceptor(Collection<String> collection) {
        this();
        setAllowedOrigins(collection);
    }

    public void setAllowedOrigins(Collection<String> collection) {
        Assert.notNull(collection, "Allowed origin Collection must not be null");
        for (String str : collection) {
            Assert.isTrue(str.equals("*") || str.startsWith("http://") || str.startsWith("https://"), "Invalid allowed origin provided: \"" + str + "\". It must start with \"http://\", \"https://\" or be \"*\"");
        }
        this.allowedOrigins.clear();
        this.allowedOrigins.addAll(collection);
    }

    public Collection<String> getAllowedOrigins() {
        return Collections.unmodifiableList(this.allowedOrigins);
    }

    @Override // org.springframework.web.socket.server.HandshakeInterceptor
    public boolean beforeHandshake(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse, WebSocketHandler webSocketHandler, Map<String, Object> map) throws Exception {
        if (WebUtils.isValidOrigin(serverHttpRequest, this.allowedOrigins)) {
            return true;
        }
        serverHttpResponse.setStatusCode(HttpStatus.FORBIDDEN);
        if (!this.logger.isDebugEnabled()) {
            return false;
        }
        this.logger.debug("Handshake request rejected, Origin header value " + serverHttpRequest.getHeaders().getOrigin() + " not allowed");
        return false;
    }

    @Override // org.springframework.web.socket.server.HandshakeInterceptor
    public void afterHandshake(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse, WebSocketHandler webSocketHandler, Exception exc) {
    }
}
