package com.liferay.portal.remote.cors.internal.servlet.filter;

import com.liferay.oauth2.provider.scope.liferay.OAuth2ProviderScopeLiferayAccessControlContext;
import com.liferay.portal.configuration.metatype.bnd.util.ConfigurableUtil;
import com.liferay.portal.configuration.persistence.listener.ConfigurationModelListener;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.security.permission.PermissionChecker;
import com.liferay.portal.kernel.security.permission.PermissionThreadLocal;
import com.liferay.portal.kernel.servlet.BaseFilter;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.HashMapBuilder;
import com.liferay.portal.kernel.util.HashMapDictionary;
import com.liferay.portal.kernel.util.Http;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.remote.cors.configuration.PortalCORSConfiguration;
import com.liferay.portal.remote.cors.internal.CORSSupport;
import com.liferay.portal.remote.cors.internal.URLtoCORSSupportMapper;
import com.liferay.portal.remote.cors.internal.configuration.persistence.listener.PortalCORSConfigurationModelListener;
import java.util.Collections;
import java.util.Dictionary;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.function.Function;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.cm.ConfigurationException;
import org.osgi.service.cm.ManagedServiceFactory;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;

@Component(immediate = true, property = {"service.pid=com.liferay.portal.remote.cors.configuration.PortalCORSConfiguration", "before-filter=Upload Servlet Request Filter", "dispatcher=FORWARD", "dispatcher=REQUEST", "servlet-context-name=", "servlet-filter-name=Portal CORS Servlet Filter", "url-pattern=/*"}, service = {Filter.class, ManagedServiceFactory.class})
/* loaded from: input_file:com/liferay/portal/remote/cors/internal/servlet/filter/PortalCORSServletFilter.class */
public class PortalCORSServletFilter extends BaseFilter implements ManagedServiceFactory {
    private static final Log _log = LogFactoryUtil.getLog(PortalCORSServletFilter.class);
    private String _contextPath;
    private URLtoCORSSupportMapper _defaultURLtoCORSSupportMapper;

    @Reference
    private Http _http;

    @Reference
    private Portal _portal;
    private ServiceRegistration<ConfigurationModelListener> _serviceRegistration;
    private final Map<String, Dictionary<String, ?>> _configurationPidsProperties = Collections.synchronizedMap(new LinkedHashMap());
    private final Map<Long, URLtoCORSSupportMapper> _urlToCORSSupportMappers = Collections.synchronizedMap(new LinkedHashMap());

    public void deleted(String str) {
        long j = GetterUtil.getLong(this._configurationPidsProperties.remove(str).get("companyId"));
        if (j == 0) {
            _rebuild();
        } else {
            _rebuild(j);
        }
    }

    public String getName() {
        return "";
    }

    public void init(FilterConfig filterConfig) {
        this._contextPath = filterConfig.getServletContext().getContextPath();
    }

    public boolean isFilterEnabled(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletRequest.getClass();
        return CORSSupport.isCORSRequest(httpServletRequest::getHeader);
    }

    public void updated(String str, Dictionary<String, ?> dictionary) throws ConfigurationException {
        Dictionary<String, ?> put = this._configurationPidsProperties.put(str, dictionary);
        long j = GetterUtil.getLong(dictionary.get("companyId"), 0L);
        if (j == 0) {
            _rebuild();
            return;
        }
        if (put != null) {
            long j2 = GetterUtil.getLong(put.get("companyId"));
            if (j2 == 0) {
                _rebuild();
                return;
            } else if (j2 != j) {
                _rebuild(j2);
            }
        }
        _rebuild(j);
    }

    @Activate
    protected void activate(BundleContext bundleContext, Map<String, Object> map) {
        this._defaultURLtoCORSSupportMapper = _buildDefaultURLtoCORSSupportMapper();
        this._serviceRegistration = bundleContext.registerService(ConfigurationModelListener.class, new PortalCORSConfigurationModelListener(this._configurationPidsProperties), new HashMapDictionary(HashMapBuilder.putAll(map).put("model.class.name", "com.liferay.portal.remote.cors.configuration.PortalCORSConfiguration").build()));
    }

    @Deactivate
    protected void deactivate() {
        if (this._serviceRegistration != null) {
            this._serviceRegistration.unregister();
        }
    }

    protected Log getLog() {
        return _log;
    }

    protected void processFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        long companyId = this._portal.getCompanyId(httpServletRequest);
        if (companyId == 0) {
            return;
        }
        CORSSupport cORSSupport = _getURLtoCORSSupportMapper(companyId).get(_getURI(httpServletRequest));
        if (cORSSupport != null) {
            if (StringUtil.equals("OPTIONS", httpServletRequest.getMethod())) {
                httpServletRequest.getClass();
                if (cORSSupport.isValidCORSPreflightRequest(httpServletRequest::getHeader)) {
                    httpServletRequest.getClass();
                    Function<String, String> function = httpServletRequest::getHeader;
                    httpServletResponse.getClass();
                    cORSSupport.writeResponseHeaders(function, httpServletResponse::setHeader);
                    return;
                }
                return;
            }
            String method = httpServletRequest.getMethod();
            httpServletRequest.getClass();
            if (cORSSupport.isValidCORSRequest(method, httpServletRequest::getHeader) && (OAuth2ProviderScopeLiferayAccessControlContext.isOAuth2AuthVerified() || _isGuest())) {
                httpServletRequest.getClass();
                Function<String, String> function2 = httpServletRequest::getHeader;
                httpServletResponse.getClass();
                cORSSupport.writeResponseHeaders(function2, httpServletResponse::setHeader);
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private void _buildCORSSupports(Map<String, CORSSupport> map, PortalCORSConfiguration portalCORSConfiguration) {
        CORSSupport cORSSupport = new CORSSupport();
        cORSSupport.setCORSHeaders(CORSSupport.buildCORSHeaders(portalCORSConfiguration.headers()));
        for (String str : portalCORSConfiguration.filterMappingURLPatterns()) {
            if (!map.containsKey(str)) {
                map.put(str, cORSSupport);
            }
        }
    }

    private URLtoCORSSupportMapper _buildDefaultURLtoCORSSupportMapper() {
        HashMap hashMap = new HashMap();
        _buildCORSSupports(hashMap, (PortalCORSConfiguration) ConfigurableUtil.createConfigurable(PortalCORSConfiguration.class, new HashMapDictionary()));
        return new URLtoCORSSupportMapper(hashMap);
    }

    private String _getURI(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        if (Validator.isNotNull(this._contextPath) && !this._contextPath.equals("/") && requestURI.startsWith(this._contextPath)) {
            requestURI = requestURI.substring(this._contextPath.length());
        }
        return this._http.normalizePath(requestURI);
    }

    private URLtoCORSSupportMapper _getURLtoCORSSupportMapper(long j) {
        URLtoCORSSupportMapper uRLtoCORSSupportMapper = this._urlToCORSSupportMappers.get(Long.valueOf(j));
        if (uRLtoCORSSupportMapper != null) {
            return uRLtoCORSSupportMapper;
        }
        URLtoCORSSupportMapper uRLtoCORSSupportMapper2 = this._urlToCORSSupportMappers.get(0L);
        return uRLtoCORSSupportMapper2 != null ? uRLtoCORSSupportMapper2 : this._defaultURLtoCORSSupportMapper;
    }

    private boolean _isGuest() {
        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
        if (permissionChecker == null) {
            return true;
        }
        return permissionChecker.getUser().isDefaultUser();
    }

    private void _mergeCORSConfiguration(Map<String, CORSSupport> map, long j) {
        for (Dictionary<String, ?> dictionary : this._configurationPidsProperties.values()) {
            if (j == GetterUtil.getLong(dictionary.get("companyId"))) {
                _buildCORSSupports(map, (PortalCORSConfiguration) ConfigurableUtil.createConfigurable(PortalCORSConfiguration.class, dictionary));
            }
        }
    }

    private void _rebuild() {
        HashMap hashMap = new HashMap();
        _mergeCORSConfiguration(hashMap, 0L);
        this._urlToCORSSupportMappers.put(0L, new URLtoCORSSupportMapper(hashMap));
        Iterator<Long> it = this._urlToCORSSupportMappers.keySet().iterator();
        while (it.hasNext()) {
            long longValue = it.next().longValue();
            if (longValue != 0) {
                _rebuild(longValue);
            }
        }
    }

    private void _rebuild(long j) {
        HashMap hashMap = new HashMap();
        _mergeCORSConfiguration(hashMap, j);
        if (hashMap.isEmpty()) {
            this._urlToCORSSupportMappers.remove(Long.valueOf(j));
        } else {
            _mergeCORSConfiguration(hashMap, 0L);
            this._urlToCORSSupportMappers.put(Long.valueOf(j), new URLtoCORSSupportMapper(hashMap));
        }
    }
}
