package com.atlassian.healthcheck.core.security;

import com.atlassian.plugins.rest.common.security.CorsHeaders;
import com.atlassian.plugins.rest.common.security.descriptor.CorsDefaults;
import com.google.common.collect.ImmutableSet;
import java.net.URI;
import java.util.Set;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-healthcheck-3.0.1.jar:com/atlassian/healthcheck/core/security/HealthCheckCorsDefaults.class */
public class HealthCheckCorsDefaults implements CorsDefaults {
    private static final String[] ALLOWED_ORIGINS = {".atlassian.com"};

    @Override // com.atlassian.plugins.rest.common.security.descriptor.CorsDefaults
    public boolean allowsCredentials(String str) throws IllegalArgumentException {
        return false;
    }

    @Override // com.atlassian.plugins.rest.common.security.descriptor.CorsDefaults
    public boolean allowsOrigin(String str) throws IllegalArgumentException {
        String host = URI.create(str).normalize().getHost();
        for (String str2 : ALLOWED_ORIGINS) {
            if (host.endsWith(str2)) {
                return true;
            }
        }
        return false;
    }

    @Override // com.atlassian.plugins.rest.common.security.descriptor.CorsDefaults
    public Set<String> getAllowedRequestHeaders(String str) throws IllegalArgumentException {
        return ImmutableSet.of(CorsHeaders.ORIGIN.value());
    }

    @Override // com.atlassian.plugins.rest.common.security.descriptor.CorsDefaults
    public Set<String> getAllowedResponseHeaders(String str) throws IllegalArgumentException {
        return ImmutableSet.of(CorsHeaders.ACCESS_CONTROL_ALLOW_ORIGIN.value());
    }
}
