package com.adobe.granite.cors.impl;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import org.apache.commons.lang3.StringUtils;
import org.osgi.service.component.ComponentException;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.AttributeType;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;

@Designate(ocd = Configuration.class, factory = true)
@Component(immediate = true, property = {"service.ranking=0", "service.description=Cross-Origin Resource Sharing Policy"}, configurationPolicy = ConfigurationPolicy.REQUIRE)
/* loaded from: input_file:com/adobe/granite/cors/impl/CORSPolicyImpl.class */
public class CORSPolicyImpl implements CORSPolicy {
    private Set<String> allowedOrigins;
    private boolean allowsAnyOrigin;
    private List<Pattern> allowedOriginRegexps;
    private Set<Pattern> allowedPaths;
    private String exposedHeaderList;
    private int maxAge;
    private Set<String> supportedHeadersLowerCase;
    private String supportedHeaderList;
    private boolean supportsAnyHeader;
    private Set<String> supportedMethodsUpperCase;
    private String supportedMethodList;
    private boolean supportsCredentials;

    @ObjectClassDefinition(name = "Adobe Granite Cross-Origin Resource Sharing Policy", description = "CORS policy as specified by its configuration.")
    /* loaded from: input_file:com/adobe/granite/cors/impl/CORSPolicyImpl$Configuration.class */
    public @interface Configuration {
        @AttributeDefinition(name = "Allowed Origins", description = "List of allowed origins. Use * to allow any. Default is empty (allow none).", cardinality = Integer.MAX_VALUE)
        String[] alloworigin();

        @AttributeDefinition(name = "Allowed Origins (Regexp)", description = "List of allowed regular expressions as origins. Example: 'http://.*\\.example\\.com' to allow all subdomains of example.com. To allow any origin, leave empty and set 'Allowed Origins' to *. Default is empty (allow none).", cardinality = Integer.MAX_VALUE)
        String[] alloworiginregexp() default {};

        @AttributeDefinition(name = "Allowed paths", description = "Regular expressions of paths the filter applies. Default is .*", cardinality = Integer.MAX_VALUE)
        String[] allowedpaths() default {".*"};

        @AttributeDefinition(name = "Exposed Headers", description = "List of exposed headers. Default is empty (none).", cardinality = Integer.MAX_VALUE)
        String[] exposedheaders() default {};

        @AttributeDefinition(name = "Maximum Age", description = "Number of seconds how long the results of a preflight request can be cached. A value of -1 indicates no caching. Default is 1800 (30min.).", type = AttributeType.INTEGER)
        int maxage() default 1800;

        @AttributeDefinition(name = "Supported Headers", description = "List of allowed headers. Use * to allow any. Default is (Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method and Access-Control-Request-Headers)", cardinality = Integer.MAX_VALUE)
        String[] supportedheaders() default {"Origin", "Accept", "X-Requested-With", "Content-Type", "Access-Control-Request-Method", "Access-Control-Request-Headers"};

        @AttributeDefinition(name = "Allowed Methods", description = "List of allowed methods. Default is (GET,HEAD,POST).", cardinality = Integer.MAX_VALUE)
        String[] supportedmethods() default {"GET", "HEAD", "POST"};

        @AttributeDefinition(name = "Supports Credentials", description = "Indicates that the actual request can include user credentials. Default is true.", type = AttributeType.BOOLEAN)
        boolean supportscredentials() default true;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public boolean allowsAnyOrigin() {
        return this.allowsAnyOrigin;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public boolean allowsOrigin(String str) {
        return this.allowsAnyOrigin || this.allowedOrigins.contains(str) || allowedOriginRegexpsMatches(str);
    }

    private boolean allowedOriginRegexpsMatches(String str) {
        Iterator<Pattern> it = this.allowedOriginRegexps.iterator();
        while (it.hasNext()) {
            if (it.next().matcher(str).matches()) {
                return true;
            }
        }
        return false;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public boolean allowsPath(String str) {
        Iterator<Pattern> it = this.allowedPaths.iterator();
        while (it.hasNext()) {
            if (it.next().matcher(str).matches()) {
                return true;
            }
        }
        return false;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public boolean supportsMethod(String str) {
        return this.supportedMethodsUpperCase.contains(str.toUpperCase());
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public boolean supportsAnyHeader() {
        return this.supportsAnyHeader;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public String getSupportedHeaderList() {
        return this.supportedHeaderList;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public boolean hasExposedHeaders() {
        return this.exposedHeaderList != null;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public String getExposedHeaderList() {
        return this.exposedHeaderList;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public boolean supportsCredentials() {
        return this.supportsCredentials;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public int getMaxAge() {
        return this.maxAge;
    }

    @Override // com.adobe.granite.cors.impl.CORSPolicy
    public String getSupportedMethodList() {
        return this.supportedMethodList;
    }

    @Activate
    protected void activate(Configuration configuration) {
        String[] allowedpaths = configuration.allowedpaths();
        this.allowedPaths = new HashSet();
        for (String str : allowedpaths) {
            if (StringUtils.isNotEmpty(str)) {
                try {
                    this.allowedPaths.add(Pattern.compile(str));
                } catch (PatternSyntaxException e) {
                    throw new ComponentException("Invalid regular expression pattern '" + str + "' for Allowed Paths entry : " + e.getMessage());
                }
            }
        }
        this.allowedOrigins = new HashSet(Arrays.asList(configuration.alloworigin()));
        this.allowsAnyOrigin = this.allowedOrigins.contains(CORSConstants.VALUE_ANY);
        String[] alloworiginregexp = configuration.alloworiginregexp();
        this.allowedOriginRegexps = new ArrayList(alloworiginregexp.length);
        for (String str2 : alloworiginregexp) {
            if (StringUtils.isNotEmpty(str2)) {
                try {
                    this.allowedOriginRegexps.add(Pattern.compile(str2));
                } catch (PatternSyntaxException e2) {
                    throw new ComponentException("Invalid regular expression pattern '" + str2 + "' for Allowed Orgins entry : " + e2.getMessage());
                }
            }
        }
        String[] supportedheaders = configuration.supportedheaders();
        this.supportedHeadersLowerCase = new HashSet();
        for (String str3 : supportedheaders) {
            this.supportedHeadersLowerCase.add(str3.toLowerCase());
        }
        this.supportedHeaderList = StringUtils.join(supportedheaders, ", ");
        this.supportsAnyHeader = this.supportedHeadersLowerCase.contains(CORSConstants.VALUE_ANY);
        String[] supportedmethods = configuration.supportedmethods();
        this.supportedMethodsUpperCase = new HashSet();
        for (String str4 : supportedmethods) {
            this.supportedMethodsUpperCase.add(str4.toUpperCase());
        }
        this.supportedMethodList = StringUtils.join(supportedmethods, ", ");
        String[] exposedheaders = configuration.exposedheaders();
        if (exposedheaders.length == 0) {
            this.exposedHeaderList = null;
        } else {
            this.exposedHeaderList = StringUtils.join(exposedheaders, ", ");
            if (StringUtils.isEmpty(this.exposedHeaderList)) {
                this.exposedHeaderList = null;
            }
        }
        this.supportsCredentials = configuration.supportscredentials();
        if (this.supportsCredentials && this.allowsAnyOrigin) {
            throw new ComponentException("Support Credentials is not allowed when Origin is set to Any (*).");
        }
        this.maxAge = configuration.maxage();
    }
}
