package fi.vm.sade.generic.rest;

import com.google.common.net.HttpHeaders;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/generic-common-9.3-SNAPSHOT.jar:fi/vm/sade/generic/rest/CorsFiller.class */
/**
 * Computes CORS response headers from the headers of an incoming request.
 *
 * <p>{@code Q} is the request-side object that headers are read from and {@code R} is the
 * response-side object that headers are written to; subclasses supply the actual header access
 * through {@link #getHeaders} and {@link #setHeader}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>In {@code CorsFilterMode.DEVELOPMENT} the request's own origin is echoed back without any
 *       allowlist check, and {@link #setHeadersToResponse} always sends
 *       {@code Access-Control-Allow-Credentials: true}. If both are applied to the same response,
 *       any origin is granted credentialed access, so that mode must never be active on a
 *       deployment that holds real sessions.</li>
 *   <li>The allowed origin depends on the request, but this class does not emit
 *       {@code Vary: Origin}. NOTE(review): confirm it is added elsewhere if responses can be
 *       cached by a shared cache.</li>
 * </ul>
 */
abstract class CorsFiller<R, Q> {
    /** Origin used when the request carries no Origin header and no parsable Referer header. */
    protected static final String DEFAULT_DOMAIN_FOR_ALLOW_ORIGIN = "https://virkailija.opintopolku.fi";

    private final Logger logger = LoggerFactory.getLogger(getClass());
    private final CorsFilterMode mode;
    /** Space-separated list of origins that may receive an Access-Control-Allow-Origin header. */
    private final String allowedDomains;

    /**
     * Creates a filler for the given mode and allowlist.
     *
     * <p>The decompiler reports that this constructor was {@code protected} in the original class.
     *
     * @param corsFilterMode mode deciding whether origins are echoed or checked against the allowlist
     * @param str space-separated allowed origins; only consulted outside DEVELOPMENT mode
     */
    public CorsFiller(CorsFilterMode corsFilterMode, String str) {
        this.mode = corsFilterMode;
        this.allowedDomains = str;
    }

    /**
     * Writes one header to the response-side object.
     *
     * @param str header name
     * @param str2 header value
     * @param r object receiving the header
     */
    protected abstract void setHeader(String str, String str2, R r);

    /**
     * Reads the values of one request header.
     *
     * @param str header name (this class passes lower-case names)
     * @param q object the header is read from
     * @return the header values; this class calls {@code isEmpty()} on the result without a null
     *     check, so implementations are expected to return an empty list when the header is absent
     */
    protected abstract List<String> getHeaders(String str, Q q);

    /**
     * Returns the origin the request claims to come from: the first Origin header value if one is
     * present, otherwise a value derived from the Referer header. Both headers are controlled by
     * the client, so the result is only trustworthy after an allowlist comparison.
     */
    private String getRemoteDomain(Q q) {
        List<String> originValues = getHeaders("origin", q);
        if (originValues.isEmpty()) {
            return getDomainFromReferer(q);
        }
        return originValues.get(0);
    }

    /**
     * Builds {@code scheme://host} from the first Referer header value, falling back to
     * {@link #DEFAULT_DOMAIN_FOR_ALLOW_ORIGIN} when the header is missing or not a valid URL.
     *
     * <p>The port is not included in the result, so a Referer-derived origin can only match
     * allowlist entries written without a port.
     */
    private String getDomainFromReferer(Q q) {
        List<String> refererValues = getHeaders("referer", q);
        if (refererValues.isEmpty()) {
            return DEFAULT_DOMAIN_FOR_ALLOW_ORIGIN;
        }
        try {
            URL referer = new URL(refererValues.get(0));
            return referer.getProtocol() + "://" + referer.getHost();
        } catch (MalformedURLException e) {
            // The Referer value is client-supplied; a malformed one is logged and treated as absent.
            this.logger.warn("Could not determine domain from request while forming CORS response", e);
            return DEFAULT_DOMAIN_FOR_ALLOW_ORIGIN;
        }
    }

    /**
     * Sets Access-Control-Allow-Origin on the response.
     *
     * <p>DEVELOPMENT mode echoes the request's claimed origin unconditionally. In any other mode
     * the header is written only when an allowlist is configured and the claimed origin equals one
     * of its entries; otherwise no header is set and the browser blocks the cross-origin read.
     *
     * <p>The decompiler reports that this method was {@code protected} in the original class.
     *
     * @param r object receiving the header
     * @param q object the request headers are read from
     */
    public void setAllowOrigin(R r, Q q) {
        if (CorsFilterMode.DEVELOPMENT.equals(this.mode)) {
            // No allowlist check here: whatever origin the client sent is reflected.
            setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, getRemoteDomain(q), r);
            return;
        }
        if (StringUtils.isBlank(this.allowedDomains)) {
            return;
        }
        String approvedOrigin = getMatchingDomain(q);
        if (StringUtils.isNotBlank(approvedOrigin)) {
            setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, approvedOrigin, r);
        }
    }

    /**
     * Sets the remaining CORS headers: allowed headers, credentials, methods and preflight max age.
     *
     * <p>Every value of the request's Access-Control-Request-Headers is passed to
     * {@link #setHeader} under Access-Control-Allow-Headers, followed by a fixed list under the same
     * name. NOTE(review): whether these accumulate or the fixed list replaces the echoed values
     * depends on the subclass's {@code setHeader}; confirm which one is intended.
     *
     * <p>These headers are written regardless of whether {@link #setAllowOrigin} accepted the
     * origin. The decompiler reports that this method was {@code protected} in the original class.
     *
     * @param q object the request headers are read from
     * @param r object receiving the headers
     */
    public void setHeadersToResponse(Q q, R r) {
        for (String requestedHeaders : getHeaders("access-control-request-headers", q)) {
            setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestedHeaders, r);
        }
        setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "Caller-Id, clientSubSystemCode, CSRF, ID", r);
        setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true", r);
        setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "POST, GET, OPTIONS, PUT, DELETE, HEAD", r);
        // 604800 seconds = 7 days of preflight caching.
        setHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "604800", r);
    }

    /**
     * Looks up the request's claimed origin in the space-separated allowlist.
     *
     * <p>The comparison is an exact, case-sensitive string match, so prefix or suffix look-alikes
     * of an allowed origin do not pass. The allowlist entry is returned rather than the request
     * value.
     *
     * @return the matching allowlist entry, or {@code null} when nothing matches
     */
    private String getMatchingDomain(Q q) {
        String claimedOrigin = getRemoteDomain(q);
        String[] allowlist = this.allowedDomains.split(" ");
        for (int i = 0; i < allowlist.length; i++) {
            String candidate = allowlist[i];
            if (candidate.equals(claimedOrigin)) {
                return candidate;
            }
        }
        return null;
    }
}
