package cn.com.duiba.kjy.base.customweb.web.interceptor.impl;

import cn.com.duiba.kjy.base.api.constant.DefaultConstant;
import cn.com.duiba.kjy.base.customweb.autoconfig.MappingCrosDomainConfig;
import cn.com.duiba.kjy.base.customweb.util.CorsUtils;
import cn.com.duiba.kjy.base.customweb.web.bean.KjjHttpRequest;
import cn.com.duiba.kjy.base.customweb.web.bean.KjjHttpResponse;
import cn.com.duiba.kjy.base.customweb.web.handler.mapping.controller.ControllerMappingHandler;
import cn.com.duiba.kjy.base.customweb.web.interceptor.KjjInterceptor;
import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpHeaders;
import io.netty.handler.codec.http.HttpResponseStatus;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.Nullable;

/* loaded from: input_file:cn/com/duiba/kjy/base/customweb/web/interceptor/impl/CrossDomainInterceptor.class */
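/**
 * Interceptor that applies the per-mapping CORS policy before a controller handler runs.
 *
 * <p>It advertises the request headers that influence the CORS decision through {@code Vary},
 * lets non-CORS requests through untouched, and for CORS requests either writes the
 * {@code Access-Control-*} response headers allowed by the handler's
 * {@link MappingCrosDomainConfig} or answers {@code 403 Invalid CORS request}.
 *
 * <p>Logging: request header <em>values</em> are not logged, because they routinely carry
 * session cookies and bearer tokens. Only the {@code Origin} value and the list of header
 * names are recorded.
 */
public class CrossDomainInterceptor implements KjjInterceptor {
    private static final Logger log = LoggerFactory.getLogger(CrossDomainInterceptor.class);

    /**
     * Decides whether the request may proceed to the handler.
     *
     * @param kjjHttpRequest  incoming request
     * @param kjjHttpResponse response being built; CORS headers are written to it
     * @param obj             resolved handler; only {@link ControllerMappingHandler} carries a CORS config
     * @return {@code true} to continue the chain, {@code false} when the request was rejected
     *         and the response has already been written and closed
     */
    @Override
    public boolean applyPreHandle(KjjHttpRequest kjjHttpRequest, KjjHttpResponse kjjHttpResponse, Object obj) {
        String originHeaderName = HttpHeaderNames.ORIGIN.toString();
        log.info("TestLog, uri={}, headerName={}, headerValue={}",
                kjjHttpRequest.getUri().toString(),
                originHeaderName,
                sanitizeForLog(kjjHttpRequest.getHeader(originHeaderName)));

        // The previous code dumped every header name AND value at INFO on every request, which
        // puts Cookie / Authorization / custom token values into the application log. Keep the
        // diagnostic, but restrict it to header names and to DEBUG.
        if (log.isDebugEnabled()) {
            log.debug("TestLogAll, uri={}, headerNames={}",
                    kjjHttpRequest.getUri().toString(),
                    sanitizeForLog(kjjHttpRequest.headers().names()));
        }

        // The response varies on these request headers, so shared caches must key on them;
        // otherwise a response computed for one Origin could be replayed to another.
        // NOTE(review): getHeader's contract for an absent header is not visible here; the
        // null guard is defensive.
        List<String> varyValues = kjjHttpResponse.getHeader(HttpHeaderNames.VARY.toString());
        if (varyValues == null || !varyValues.contains(HttpHeaderNames.ORIGIN.toString())) {
            kjjHttpResponse.addHeader(HttpHeaderNames.VARY, HttpHeaderNames.ORIGIN);
        }
        if (varyValues == null || !varyValues.contains(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString())) {
            kjjHttpResponse.addHeader(HttpHeaderNames.VARY, HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD);
        }
        if (varyValues == null || !varyValues.contains(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString())) {
            kjjHttpResponse.addHeader(HttpHeaderNames.VARY, HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS);
        }

        if (!CorsUtils.isCorsRequest(kjjHttpRequest)) {
            return true;
        }
        if (CollectionUtils.isNotEmpty(kjjHttpResponse.getHeader(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString()))) {
            // Something earlier in the chain already made the CORS decision; do not override it.
            log.info("Skip: response already contains \"Access-Control-Allow-Origin\"");
            return true;
        }
        if (!(obj instanceof ControllerMappingHandler)) {
            // No CORS headers are added for other handler types, so a browser will block
            // cross-origin reads of their responses by default.
            return true;
        }

        MappingCrosDomainConfig mappingCrosDomainConfig = ((ControllerMappingHandler) obj).getMappingCrosDomainConfig();
        boolean isPreFlightRequest = CorsUtils.isPreFlightRequest(kjjHttpRequest);
        if (mappingCrosDomainConfig != null) {
            return handleInternal(kjjHttpRequest, kjjHttpResponse, mappingCrosDomainConfig, isPreFlightRequest);
        }
        // Controller mapping without a CORS config: cross-origin requests are denied outright.
        rejectRequest(kjjHttpResponse);
        return false;
    }

    /**
     * Answers with {@code 403 Forbidden} and the body {@code Invalid CORS request}, then
     * flushes and closes the response.
     *
     * @param kjjHttpResponse response to terminate
     */
    protected void rejectRequest(KjjHttpResponse kjjHttpResponse) {
        kjjHttpResponse.getResponse().setStatus(HttpResponseStatus.FORBIDDEN);
        kjjHttpResponse.write("Invalid CORS request");
        kjjHttpResponse.flushAndClose();
    }

    /**
     * Validates origin (and, for a preflight, the requested headers) against the mapping's
     * config and writes the resulting {@code Access-Control-*} headers.
     *
     * <p>All checks run before any CORS header is written, so a rejected request never
     * carries a partial grant such as {@code Access-Control-Allow-Origin}.
     *
     * @param kjjHttpRequest          incoming request
     * @param kjjHttpResponse         response to decorate or reject
     * @param mappingCrosDomainConfig CORS policy of the matched mapping
     * @param z                       {@code true} when the request is a CORS preflight
     * @return {@code true} if the request is allowed, {@code false} if it was rejected
     */
    protected boolean handleInternal(KjjHttpRequest kjjHttpRequest, KjjHttpResponse kjjHttpResponse, MappingCrosDomainConfig mappingCrosDomainConfig, boolean z) {
        final boolean preFlight = z;

        String requestOrigin = kjjHttpRequest.getHeader(HttpHeaderNames.ORIGIN.toString());
        // NOTE(review): the value returned here is echoed verbatim into
        // Access-Control-Allow-Origin. Whether the config can return a reflected or wildcard
        // origin while allowCredentials is true is decided inside MappingCrosDomainConfig and
        // is not visible in this file; confirm that combination is refused there.
        String allowedOrigin = checkOrigin(mappingCrosDomainConfig, requestOrigin);
        if (allowedOrigin == null) {
            log.info("Reject: '{}' origin is not allowed", sanitizeForLog(requestOrigin));
            rejectRequest(kjjHttpResponse);
            return false;
        }

        List<String> headersToUse = getHeadersToUse(kjjHttpRequest, preFlight);
        List<String> allowedHeaders = checkHeaders(mappingCrosDomainConfig, headersToUse);
        // NOTE(review): a preflight that sends no Access-Control-Request-Headers yields an
        // empty list here; if the config returns empty for empty input, such preflights are
        // rejected. Confirm that is intended.
        if (preFlight && CollectionUtils.isEmpty(allowedHeaders)) {
            log.info("Reject: headers '{}' are not allowed", sanitizeForLog(headersToUse));
            rejectRequest(kjjHttpResponse);
            return false;
        }

        HttpHeaders headers = kjjHttpResponse.getHeaders();
        headers.set(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN, allowedOrigin);
        if (preFlight) {
            // The allowed methods are fixed; Access-Control-Request-Method is not inspected,
            // so enforcement of the method list is left to the browser.
            headers.set(HttpHeaderNames.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST");
            // allowedHeaders is known to be non-empty at this point (checked above).
            headers.set(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, StringUtils.join(allowedHeaders, DefaultConstant.DEFAULT_SEPARATION));
        }
        if (!CollectionUtils.isEmpty(mappingCrosDomainConfig.getExposedHeaders())) {
            headers.set(HttpHeaderNames.ACCESS_CONTROL_EXPOSE_HEADERS, mappingCrosDomainConfig.getExposedHeaders());
        }
        if (Boolean.TRUE.equals(mappingCrosDomainConfig.getAllowCredentials())) {
            headers.set(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS, true);
        }
        if (preFlight && mappingCrosDomainConfig.getMaxAge() != null) {
            headers.set(HttpHeaderNames.ACCESS_CONTROL_MAX_AGE, mappingCrosDomainConfig.getMaxAge());
        }
        return true;
    }

    /**
     * Delegates to {@link MappingCrosDomainConfig#checkHeaders} to filter the requested headers.
     *
     * @param mappingCrosDomainConfig CORS policy of the matched mapping
     * @param list                    header names taken from the request
     * @return the headers the config accepts; may be {@code null}
     */
    @Nullable
    protected List<String> checkHeaders(MappingCrosDomainConfig mappingCrosDomainConfig, List<String> list) {
        return mappingCrosDomainConfig.checkHeaders(list);
    }

    /**
     * Picks the header names to validate: the values of {@code Access-Control-Request-Headers}
     * for a preflight, otherwise the names of all headers present on the request.
     */
    private List<String> getHeadersToUse(KjjHttpRequest kjjHttpRequest, boolean z) {
        HttpHeaders headers = kjjHttpRequest.headers();
        if (z) {
            return headers.getAll(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS);
        }
        return new ArrayList<>(headers.names());
    }

    /**
     * Delegates to {@link MappingCrosDomainConfig#checkOrigin}.
     *
     * @return the value to send as {@code Access-Control-Allow-Origin}, or {@code null}
     *         (treated by the caller as "origin not allowed")
     */
    private String checkOrigin(MappingCrosDomainConfig mappingCrosDomainConfig, String str) {
        return mappingCrosDomainConfig.checkOrigin(str);
    }

    /**
     * Renders a client-supplied value for logging with CR and LF replaced, so the value
     * cannot start a forged log line regardless of what the upstream decoder let through.
     * {@code null} is rendered as the string {@code "null"}.
     */
    private static String sanitizeForLog(Object value) {
        return String.valueOf(value).replace('\r', '_').replace('\n', '_');
    }

    /** No post-handle work is needed; all CORS headers are written in {@link #applyPreHandle}. */
    @Override
    public void applyPostHandle(KjjHttpRequest kjjHttpRequest, KjjHttpResponse kjjHttpResponse, Object obj, Object obj2) {
    }
}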
