package org.gluu.oxauth.filter;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Arrays;
import java.util.Collection;
import javax.inject.Inject;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;
import org.gluu.oxauth.model.config.ConfigurationFactory;
import org.gluu.oxauth.model.configuration.AppConfiguration;
import org.gluu.oxauth.model.registration.Client;
import org.gluu.oxauth.service.ClientService;
import org.gluu.server.filters.AbstractCorsFilter;
import org.gluu.util.StringHelper;

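/**
 * CORS filter for the discovery ({@code /.well-known/*}), REST ({@code /restv1/*}) and
 * {@code /opiframe} endpoints.
 *
 * <p>When a request identifies a registered client, either through the {@code client_id}
 * parameter or through HTTP Basic credentials on a URI ending in {@code /token}, and that client
 * has authorized origins, those origins replace the configured origin list while the request is
 * processed. The previous list is put back afterwards.
 *
 * <p>NOTE(review): the per-request list is installed with {@code setAllowedOrigins} on this
 * filter instance. If that is plain instance state in {@code AbstractCorsFilter} (not visible
 * here), requests handled concurrently by the same filter instance can be evaluated against
 * another client's origin list. Confirm against the base class; carrying the list per request
 * instead of on the instance would close that window.
 */
@WebFilter(filterName = "CorsFilter", asyncSupported = true, urlPatterns = {"/.well-known/*", "/restv1/*", "/opiframe"})
/* loaded from: input_file:org/gluu/oxauth/filter/CorsFilter.class */
public class CorsFilter extends AbstractCorsFilter {

    @Inject
    private ConfigurationFactory configurationFactory;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private ClientService clientService;

    // Stays false unless the configuration explicitly enables the filter; while false,
    // requests pass straight down the chain without any CORS processing.
    private boolean filterEnabled;

    /**
     * Loads built-in defaults, then overrides them with the values from the application
     * configuration when a filter configuration is supplied.
     *
     * @param filterConfig container-supplied filter configuration; when {@code null} only the
     *     built-in defaults are stored and the filter stays disabled
     * @throws ServletException declared by the filter contract
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        // Built-in defaults: any origin ("*") with credentials support "true". This pairing is
        // permissive; it is only what remains in effect when no filter configuration is given.
        parseAndStore("*", "GET,POST,HEAD,OPTIONS", "Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers", "", "true", "1800", "true");
        // Local is named differently from the injected field so it does not shadow it.
        AppConfiguration currentConfiguration = this.configurationFactory.getAppConfiguration();
        if (filterConfig != null) {
            CorsFilterConfig corsFilterConfig = new CorsFilterConfig(filterConfig.getFilterName(), currentConfiguration);
            String enabled = corsFilterConfig.getInitParameter(CorsFilterConfig.PARAM_CORS_ENABLED);
            String allowedOrigins = corsFilterConfig.getInitParameter(CorsFilterConfig.PARAM_CORS_ALLOWED_ORIGINS);
            String allowedMethods = corsFilterConfig.getInitParameter(CorsFilterConfig.PARAM_CORS_ALLOWED_METHODS);
            String allowedHeaders = corsFilterConfig.getInitParameter(CorsFilterConfig.PARAM_CORS_ALLOWED_HEADERS);
            String exposedHeaders = corsFilterConfig.getInitParameter(CorsFilterConfig.PARAM_CORS_EXPOSED_HEADERS);
            String supportCredentials = corsFilterConfig.getInitParameter(CorsFilterConfig.PARAM_CORS_SUPPORT_CREDENTIALS);
            String preflightMaxAge = corsFilterConfig.getInitParameter(CorsFilterConfig.PARAM_CORS_PREFLIGHT_MAXAGE);
            String requestDecorate = corsFilterConfig.getInitParameter(CorsFilterConfig.PARAM_CORS_REQUEST_DECORATE);
            if (enabled != null) {
                this.filterEnabled = Boolean.parseBoolean(enabled);
            }
            parseAndStore(allowedOrigins, allowedMethods, allowedHeaders, exposedHeaders, supportCredentials, preflightMaxAge, requestDecorate);
        }
    }

    /**
     * Applies CORS handling to the request, using the identified client's authorized origins
     * when there are any, and restores the previous origin list afterwards.
     *
     * @param servletRequest incoming request
     * @param servletResponse outgoing response
     * @param filterChain remaining filter chain
     * @throws IOException propagated from the chain or the base filter
     * @throws ServletException propagated from the chain or the base filter
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!this.filterEnabled) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        Collection<String> previousOrigins = doFilterImpl(servletRequest);
        try {
            super.doFilter(servletRequest, servletResponse, filterChain);
        } finally {
            // Restore even when the chain throws; otherwise one client's origin list would stay
            // installed on this filter and be applied to later, unrelated requests.
            setAllowedOrigins(previousOrigins);
        }
    }

    /**
     * Installs the authorized origins of the client named by the request, if any.
     *
     * <p>The client identifier is read from the request as sent and is not authenticated here;
     * it only selects which registered origin list is applied.
     *
     * @param servletRequest incoming request
     * @return the origin list that was in effect before this call, for the caller to restore
     * @throws UnsupportedEncodingException declared for the UTF-8 decoding calls
     * @throws IOException declared for subclasses and callers
     * @throws ServletException declared for subclasses and callers
     */
    protected Collection<String> doFilterImpl(ServletRequest servletRequest) throws UnsupportedEncodingException, IOException, ServletException {
        Collection<String> previousOrigins = getAllowedOrigins();
        String clientIdParameter = servletRequest.getParameter("client_id");
        if (StringHelper.isNotEmpty(clientIdParameter)) {
            applyClientOrigins(this.clientService.getClient(clientIdParameter));
            return previousOrigins;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String authorization = httpServletRequest.getHeader("Authorization");
        if (httpServletRequest.getRequestURI().endsWith("/token") && authorization != null && authorization.startsWith("Basic ")) {
            // "Basic " is six characters; the remainder is base64("client_id:client_secret").
            // Only the part before the first ':' is used; the secret is never read here.
            String credentials = new String(Base64.decodeBase64(authorization.substring(6)), "UTF-8");
            int separator = credentials.indexOf(':');
            String clientId = "";
            if (separator != -1) {
                try {
                    clientId = URLDecoder.decode(credentials.substring(0, separator), "UTF-8");
                } catch (IllegalArgumentException ignored) {
                    // The header is caller-controlled and may hold a malformed %-escape. Keep the
                    // configured origins instead of failing the request with an unchecked
                    // exception; credential validation is left to the endpoint itself.
                    return previousOrigins;
                }
            }
            applyClientOrigins(this.clientService.getClient(clientId));
        }
        return previousOrigins;
    }

    /** Installs the client's authorized origins when the client exists and has at least one. */
    private void applyClientOrigins(Client client) {
        if (client == null) {
            return;
        }
        String[] authorizedOrigins = client.getAuthorizedOrigins();
        if (authorizedOrigins != null && authorizedOrigins.length > 0) {
            setAllowedOrigins(Arrays.asList(authorizedOrigins));
        }
    }
}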
