package com.liferay.portal.remote.cors.internal.jaxrs.feature;

import com.liferay.oauth2.provider.scope.liferay.OAuth2ProviderScopeLiferayAccessControlContext;
import com.liferay.petra.reflect.AnnotationLocator;
import com.liferay.portal.kernel.security.permission.PermissionChecker;
import com.liferay.portal.kernel.security.permission.PermissionThreadLocal;
import com.liferay.portal.kernel.util.HashMapBuilder;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.remote.cors.annotation.CORS;
import com.liferay.portal.remote.cors.internal.CORSSupport;
import java.io.IOException;
import java.util.function.Function;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.container.DynamicFeature;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.FeatureContext;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ServiceScope;

@Component(property = {"osgi.jaxrs.application.select=(liferay.cors.annotation=true)", "osgi.jaxrs.extension=true", "osgi.jaxrs.name=Liferay.CORS.Annotation.Extension"}, scope = ServiceScope.PROTOTYPE, service = {DynamicFeature.class})
/* loaded from: input_file:com/liferay/portal/remote/cors/internal/jaxrs/feature/CORSAnnotationDynamicFeature.class */
public class CORSAnnotationDynamicFeature implements DynamicFeature {

    @Context
    private ResourceInfo _resourceInfo;

    /* loaded from: input_file:com/liferay/portal/remote/cors/internal/jaxrs/feature/CORSAnnotationDynamicFeature$CORSContainerRequestFilter.class */
    private class CORSContainerRequestFilter implements ContainerResponseFilter {
        private final CORSSupport _corsSupport;

        public CORSContainerRequestFilter(CORSSupport cORSSupport) {
            this._corsSupport = cORSSupport;
        }

        public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException {
            MultivaluedMap headers = containerRequestContext.getHeaders();
            CORSSupport cORSSupport = this._corsSupport;
            headers.getClass();
            if (CORSSupport.isCORSRequest((v1) -> {
                return r0.getFirst(v1);
            })) {
                CORSSupport cORSSupport2 = this._corsSupport;
                String method = containerRequestContext.getMethod();
                headers.getClass();
                if (cORSSupport2.isValidCORSRequest(method, (v1) -> {
                    return r2.getFirst(v1);
                })) {
                    if (OAuth2ProviderScopeLiferayAccessControlContext.isOAuth2AuthVerified() || _isGuestUser()) {
                        MultivaluedMap headers2 = containerResponseContext.getHeaders();
                        CORSSupport cORSSupport3 = this._corsSupport;
                        headers.getClass();
                        Function<String, String> function = (v1) -> {
                            return r1.getFirst(v1);
                        };
                        headers2.getClass();
                        cORSSupport3.writeResponseHeaders(function, (v1, v2) -> {
                            r2.addFirst(v1, v2);
                        });
                    }
                }
            }
        }

        private boolean _isGuestUser() {
            PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
            if (permissionChecker == null) {
                return true;
            }
            return permissionChecker.getUser().isDefaultUser();
        }
    }

    @PreMatching
    /* loaded from: input_file:com/liferay/portal/remote/cors/internal/jaxrs/feature/CORSAnnotationDynamicFeature$CORSPreflighContainerRequestFilter.class */
    private class CORSPreflighContainerRequestFilter implements ContainerRequestFilter {
        private final CORSSupport _corsSupport;

        public CORSPreflighContainerRequestFilter(CORSSupport cORSSupport) {
            this._corsSupport = cORSSupport;
        }

        public void filter(ContainerRequestContext containerRequestContext) throws IOException {
            MultivaluedMap headers = containerRequestContext.getHeaders();
            CORSSupport cORSSupport = this._corsSupport;
            headers.getClass();
            if (CORSSupport.isCORSRequest((v1) -> {
                return r0.getFirst(v1);
            }) && StringUtil.equals(containerRequestContext.getMethod(), "OPTIONS")) {
                CORSSupport cORSSupport2 = this._corsSupport;
                headers.getClass();
                if (cORSSupport2.isValidCORSPreflightRequest((v1) -> {
                    return r1.getFirst(v1);
                })) {
                    Response.ResponseBuilder ok = Response.ok();
                    CORSSupport cORSSupport3 = this._corsSupport;
                    headers.getClass();
                    Function<String, String> function = (v1) -> {
                        return r1.getFirst(v1);
                    };
                    ok.getClass();
                    cORSSupport3.writeResponseHeaders(function, (v1, v2) -> {
                        r2.header(v1, v2);
                    });
                    containerRequestContext.abortWith(ok.build());
                }
            }
        }
    }

    public void configure(ResourceInfo resourceInfo, FeatureContext featureContext) {
        CORS cors = getCORS(resourceInfo);
        if (cors != null) {
            CORSSupport cORSSupport = getCORSSupport(cors);
            featureContext.register(new CORSPreflighContainerRequestFilter(cORSSupport));
            featureContext.register(new CORSContainerRequestFilter(cORSSupport));
        }
    }

    protected CORS getCORS(ResourceInfo resourceInfo) {
        return AnnotationLocator.locate(resourceInfo.getResourceMethod(), resourceInfo.getResourceClass(), CORS.class);
    }

    protected CORSSupport getCORSSupport(CORS cors) {
        CORSSupport cORSSupport = new CORSSupport();
        cORSSupport.setCORSHeaders(HashMapBuilder.put(CORSSupport.ACCESS_CONTROL_ALLOW_CREDENTIALS, String.valueOf(cors.allowCredentials())).put(CORSSupport.ACCESS_CONTROL_ALLOW_HEADERS, StringUtil.merge(cors.allowHeaders(), ",")).put(CORSSupport.ACCESS_CONTROL_ALLOW_METHODS, StringUtil.merge(cors.allowMethods(), ",")).put(CORSSupport.ACCESS_CONTROL_ALLOW_ORIGIN, cors.allowOrigin()).put(CORSSupport.ACCESS_CONTROL_EXPOSE_HEADERS, StringUtil.merge(cors.exposeHeaders(), ",")).put(CORSSupport.ACCESS_CONTROL_MAX_AGE, String.valueOf(cors.maxAge())).build());
        return cORSSupport;
    }
}
