package cd.connect.jersey.common;

import cd.connect.app.config.ConfigKey;
import cd.connect.app.config.DeclaredConfigResolver;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;

@Provider
@PreMatching
/* loaded from: input_file:cd/connect/jersey/common/CorsFilter.class */
public class CorsFilter implements ContainerRequestFilter, ContainerResponseFilter {

    @ConfigKey("jersey.cors.headers")
    List<String> allowedHeaders = Arrays.asList("X-Requested-With", "Authorization", "Content-type", "Accept-Version", "Content-MD5", "CSRF-Token");
    private String headers;

    public CorsFilter() {
        DeclaredConfigResolver.resolve(this);
        this.headers = String.join(",", this.allowedHeaders);
    }

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (isPreflightRequest(containerRequestContext)) {
            containerRequestContext.abortWith(Response.ok().build());
        }
    }

    private static boolean isPreflightRequest(ContainerRequestContext containerRequestContext) {
        return containerRequestContext.getHeaderString("Origin") != null && containerRequestContext.getMethod().equalsIgnoreCase("OPTIONS");
    }

    public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) {
        if (containerRequestContext.getHeaderString("Origin") == null) {
            return;
        }
        if (isPreflightRequest(containerRequestContext)) {
            containerResponseContext.getHeaders().add("Access-Control-Allow-Credentials", "true");
            containerResponseContext.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
            containerResponseContext.getHeaders().addAll("Access-Control-Allow-Headers", new Object[]{this.headers});
        }
        containerResponseContext.getHeaders().add("Access-Control-Allow-Origin", "*");
    }
}
