package org.graylog2.rest.resources.system;

import com.google.common.base.Strings;
import java.net.URI;
import java.util.Date;
import java.util.Optional;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.NewCookie;
import org.graylog2.configuration.HttpConfiguration;
import org.graylog2.rest.models.system.sessions.responses.SessionResponse;
import org.graylog2.shared.security.ShiroSecurityContextFilter;

/* loaded from: input_file:org/graylog2/rest/resources/system/CookieFactory.class */
public class CookieFactory {
    private static final String HEADER_ORIGIN = "Origin";
    private static final String HEADER_X_FORWARDED_PROTO = "X-Forwarded-Proto";

    /* JADX INFO: Access modifiers changed from: package-private */
    public NewCookie createAuthenticationCookie(SessionResponse sessionResponse, ContainerRequestContext containerRequestContext) {
        return makeCookie(sessionResponse.getAuthenticationToken(), sessionResponse.validUntil(), containerRequestContext);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public NewCookie deleteAuthenticationCookie(ContainerRequestContext containerRequestContext) {
        return makeCookie("", new Date(), containerRequestContext);
    }

    private NewCookie makeCookie(String str, Date date, ContainerRequestContext containerRequestContext) {
        return new NewCookie(ShiroSecurityContextFilter.SESSION_COOKIE_NAME, str, (String) Optional.ofNullable(Strings.emptyToNull(baseUriFromRequest(containerRequestContext).getPath())).orElse("/"), (String) null, 1, "Authentication Cookie", Long.valueOf((date.getTime() - new Date().getTime()) / 1000).intValue(), date, ((Boolean) schemeFromRequest(containerRequestContext).map(str2 -> {
            return Boolean.valueOf(str2.equalsIgnoreCase("https"));
        }).orElse(false)).booleanValue(), true);
    }

    private Optional<String> schemeFromRequest(ContainerRequestContext containerRequestContext) {
        Optional<URI> uriFromHeader = uriFromHeader(containerRequestContext, HttpConfiguration.OVERRIDE_HEADER);
        if (uriFromHeader.isPresent()) {
            return uriFromHeader.map((v0) -> {
                return v0.getScheme();
            });
        }
        Optional<String> filter = Optional.ofNullable(containerRequestContext.getHeaderString(HEADER_X_FORWARDED_PROTO)).filter(str -> {
            return !Strings.isNullOrEmpty(str);
        });
        return filter.isPresent() ? filter : uriFromHeader(containerRequestContext, HEADER_ORIGIN).map((v0) -> {
            return v0.getScheme();
        });
    }

    private Optional<URI> uriFromHeader(ContainerRequestContext containerRequestContext, String str) {
        return Optional.ofNullable(containerRequestContext.getHeaderString(str)).filter(str2 -> {
            return !Strings.isNullOrEmpty(str2);
        }).flatMap(this::safeCreateUri);
    }

    private URI baseUriFromRequest(ContainerRequestContext containerRequestContext) {
        Optional<URI> uriFromHeader = uriFromHeader(containerRequestContext, HttpConfiguration.OVERRIDE_HEADER);
        return uriFromHeader.isPresent() ? uriFromHeader.get() : uriFromHeader(containerRequestContext, HEADER_ORIGIN).orElseGet(() -> {
            return containerRequestContext.getUriInfo().getBaseUri();
        });
    }

    private Optional<URI> safeCreateUri(String str) {
        try {
            return Optional.of(URI.create(str));
        } catch (IllegalArgumentException e) {
            return Optional.empty();
        }
    }
}
