package play.filters.cors;

import akka.util.ByteString;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import play.api.LoggerLike;
import play.api.MarkerContexts$SecurityMarkerContext$;
import play.api.http.HeaderNames$;
import play.api.http.HttpErrorHandler;
import play.api.http.HttpVerbs$;
import play.api.libs.streams.Accumulator;
import play.api.libs.streams.Accumulator$;
import play.api.mvc.EssentialAction;
import play.api.mvc.RequestHeader;
import play.api.mvc.Result;
import play.api.mvc.Results$;
import play.core.Execution$;
import play.core.Execution$Implicits$;
import scala.Function1;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.Tuple2;
import scala.Tuple3;
import scala.collection.Seq;
import scala.collection.Seq$;
import scala.collection.immutable.List;
import scala.collection.immutable.List$;
import scala.collection.immutable.Set;
import scala.collection.immutable.StringOps;
import scala.collection.mutable.ArrayOps;
import scala.collection.mutable.Builder;
import scala.concurrent.Future$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;

/* compiled from: AbstractCORSPolicy.scala */
@ScalaSignature(bytes = "\u0006\u0001\u0005\u001da\u0001C\u0007\u000f!\u0003\r\tA\u0004\u000b\t\u000bm\u0001A\u0011A\u000f\t\u000f\u0005\u0002!\u0019!D\tE!)\u0011\u0006\u0001D\tU!)q\u0006\u0001D\ta!9q\u0007\u0001b\u0001\n\u0013A\u0004\"B$\u0001\t#A\u0005\"B5\u0001\t\u0013Q\u0007\"B7\u0001\t\u0013q\u0007\"B:\u0001\t\u0013!\b\"\u0002<\u0001\t\u00139\b\"B=\u0001\t\u0013Q\bBB@\u0001\t\u0013\t\tA\u0001\nBEN$(/Y2u\u0007>\u00136\u000bU8mS\u000eL(BA\b\u0011\u0003\u0011\u0019wN]:\u000b\u0005E\u0011\u0012a\u00024jYR,'o\u001d\u0006\u0002'\u0005!\u0001\u000f\\1z'\t\u0001Q\u0003\u0005\u0002\u001735\tqCC\u0001\u0019\u0003\u0015\u00198-\u00197b\u0013\tQrC\u0001\u0004B]f\u0014VMZ\u0001\u0007I%t\u0017\u000e\u001e\u0013\u0004\u0001Q\ta\u0004\u0005\u0002\u0017?%\u0011\u0001e\u0006\u0002\u0005+:LG/\u0001\u0004m_\u001e<WM]\u000b\u0002GA\u0011AeJ\u0007\u0002K)\u0011aEE\u0001\u0004CBL\u0017B\u0001\u0015&\u0005)aunZ4fe2K7.Z\u0001\u000bG>\u00148oQ8oM&<W#A\u0016\u0011\u00051jS\"\u0001\b\n\u00059r!AC\"P%N\u001buN\u001c4jO\u0006aQM\u001d:pe\"\u000bg\u000e\u001a7feV\t\u0011\u0007\u0005\u00023k5\t1G\u0003\u00025K\u0005!\u0001\u000e\u001e;q\u0013\t14G\u0001\tIiR\u0004XI\u001d:pe\"\u000bg\u000e\u001a7fe\u0006!2+\u001e9q_J$X\r\u001a%uiBlU\r\u001e5pIN,\u0012!\u000f\t\u0004u\u0005#eBA\u001e@!\tat#D\u0001>\u0015\tqD$\u0001\u0004=e>|GOP\u0005\u0003\u0001^\ta\u0001\u0015:fI\u00164\u0017B\u0001\"D\u0005\r\u0019V\r\u001e\u0006\u0003\u0001^\u0001\"AO#\n\u0005\u0019\u001b%AB*ue&tw-A\u0007gS2$XM\u001d*fcV,7\u000f\u001e\u000b\u0004\u0013~#\u0007\u0003\u0002&P#fk\u0011a\u0013\u0006\u0003\u00196\u000bqa\u001d;sK\u0006l7O\u0003\u0002OK\u0005!A.\u001b2t\u0013\t\u00016JA\u0006BG\u000e,X.\u001e7bi>\u0014\bC\u0001*X\u001b\u0005\u0019&B\u0001+V\u0003\u0011)H/\u001b7\u000b\u0003Y\u000bA!Y6lC&\u0011\u0001l\u0015\u0002\u000b\u0005f$Xm\u0015;sS:<\u0007C\u0001.^\u001b\u0005Y&B\u0001/&\u0003\rigoY\u0005\u0003=n\u0013aAU3tk2$\b\"\u00021\u0007\u0001\u0004\t\u0017\u0001\u00028fqR\u0004\"A\u00172\n\u0005\r\\&aD#tg\u0016tG/[1m\u0003\u000e$\u0018n\u001c8\t\u000b\u00154\u0001\u0019\u00014\u0002\u000fI,\u0017/^3tiB\u0011!lZ\u0005\u0003Qn\u0013QBU3rk\u0016\u001cH\u000fS3bI\u0016\u0014\u0018!\u00055b]\u0012dWmQ(S'J+\u0017/^3tiR\u0019\u0011j\u001b7\t\u000b\u0001<\u0001\u0019A1\t\u000b\u0015<\u0001\u0019\u00014\u0002\u001d\u0005$GmQ8sg\"+\u0017\rZ3sgR\u0019\u0011l\\9\t\u000bAD\u0001\u0019A-\u0002\rI,7/\u001e7u\u0011\u0015\u0011\b\u00021\u0001E\u0003\u0019y'/[4j]\u0006Q\u0002.\u00198eY\u0016\u0004&/\u001a$mS\u001eDGoQ(S'J+\u0017/^3tiR\u0011\u0011*\u001e\u0005\u0006K&\u0001\rAZ\u0001\u0019Q\u0006tG\r\\3J]Z\fG.\u001b3D\u001fJ\u001b&+Z9vKN$HCA%y\u0011\u0015)'\u00021\u0001g\u00035I7OV1mS\u0012|%/[4j]R\u00111P \t\u0003-qL!!`\f\u0003\u000f\t{w\u000e\\3b]\")!o\u0003a\u0001\t\u0006a\u0011n]*b[\u0016|%/[4j]R)10a\u0001\u0002\u0006!)!\u000f\u0004a\u0001\t\")Q\r\u0004a\u0001M\u0002")
/* loaded from: input_file:play/filters/cors/AbstractCORSPolicy.class */
public interface AbstractCORSPolicy {
    void play$filters$cors$AbstractCORSPolicy$_setter_$play$filters$cors$AbstractCORSPolicy$$SupportedHttpMethods_$eq(Set<String> set);

    /* renamed from: logger */
    LoggerLike mo3logger();

    CORSConfig corsConfig();

    HttpErrorHandler errorHandler();

    Set<String> play$filters$cors$AbstractCORSPolicy$$SupportedHttpMethods();

    default Accumulator<ByteString, Result> filterRequest(EssentialAction essentialAction, RequestHeader requestHeader) {
        Accumulator<ByteString, Result> handleInvalidCORSRequest;
        Tuple2 tuple2 = new Tuple2(requestHeader.headers().get(HeaderNames$.MODULE$.ORIGIN()), requestHeader.method());
        if (tuple2 != null) {
            if (None$.MODULE$.equals((Option) tuple2._1())) {
                handleInvalidCORSRequest = (Accumulator) essentialAction.apply(requestHeader);
                return handleInvalidCORSRequest.map(result -> {
                    return result.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                }, Execution$.MODULE$.trampoline());
            }
        }
        if (tuple2 != null) {
            Some some = (Option) tuple2._1();
            if (some instanceof Some) {
                String str = (String) some.value();
                if (str.isEmpty() || !isValidOrigin(str)) {
                    handleInvalidCORSRequest = corsConfig().serveForbiddenOrigins() ? (Accumulator) essentialAction.apply(requestHeader) : handleInvalidCORSRequest(requestHeader);
                    return handleInvalidCORSRequest.map(result2 -> {
                        return result2.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result2.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                    }, Execution$.MODULE$.trampoline());
                }
            }
        }
        if (tuple2 != null) {
            Some some2 = (Option) tuple2._1();
            if ((some2 instanceof Some) && isSameOrigin((String) some2.value(), requestHeader)) {
                handleInvalidCORSRequest = (Accumulator) essentialAction.apply(requestHeader);
                return handleInvalidCORSRequest.map(result22 -> {
                    return result22.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result22.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                }, Execution$.MODULE$.trampoline());
            }
        }
        if (tuple2 != null) {
            String str2 = (String) tuple2._2();
            String OPTIONS = HttpVerbs$.MODULE$.OPTIONS();
            if (OPTIONS != null ? OPTIONS.equals(str2) : str2 == null) {
                Some some3 = requestHeader.headers().get(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_METHOD());
                handleInvalidCORSRequest = None$.MODULE$.equals(some3) ? handleCORSRequest(essentialAction, requestHeader) : ((some3 instanceof Some) && "".equals((String) some3.value())) ? handleInvalidCORSRequest(requestHeader) : handlePreFlightCORSRequest(requestHeader);
                return handleInvalidCORSRequest.map(result222 -> {
                    return result222.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result222.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                }, Execution$.MODULE$.trampoline());
            }
        }
        if (tuple2 != null) {
            if (play$filters$cors$AbstractCORSPolicy$$SupportedHttpMethods().contains((String) tuple2._2())) {
                handleInvalidCORSRequest = handleCORSRequest(essentialAction, requestHeader);
                return handleInvalidCORSRequest.map(result2222 -> {
                    return result2222.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result2222.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                }, Execution$.MODULE$.trampoline());
            }
        }
        handleInvalidCORSRequest = handleInvalidCORSRequest(requestHeader);
        return handleInvalidCORSRequest.map(result22222 -> {
            return result22222.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result22222.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
        }, Execution$.MODULE$.trampoline());
    }

    private default Accumulator<ByteString, Result> handleCORSRequest(EssentialAction essentialAction, RequestHeader requestHeader) {
        Accumulator done;
        Option option = requestHeader.headers().get(HeaderNames$.MODULE$.ORIGIN());
        Predef$.MODULE$.assume(option.isDefined(), () -> {
            return "The presence of the ORIGIN header should guaranteed at this point.";
        });
        String str = (String) option.get();
        if (!BoxesRunTime.unboxToBoolean(corsConfig().allowedOrigins().apply(str))) {
            return corsConfig().serveForbiddenOrigins() ? (Accumulator) essentialAction.apply(requestHeader) : handleInvalidCORSRequest(requestHeader);
        }
        RequestHeader addAttr = requestHeader.addAttr(CORSFilter$Attrs$.MODULE$.Origin(), str);
        try {
            done = ((Accumulator) essentialAction.apply(addAttr)).recoverWith(new AbstractCORSPolicy$$anonfun$1(this, addAttr), Execution$Implicits$.MODULE$.trampoline());
        } catch (Throwable th) {
            done = Accumulator$.MODULE$.done(errorHandler().onServerError(addAttr, th));
        }
        return done.map(result -> {
            return this.addCorsHeaders(result, str);
        }, Execution$Implicits$.MODULE$.trampoline());
    }

    /* JADX INFO: Access modifiers changed from: private */
    default Result addCorsHeaders(Result result, String str) {
        Builder newBuilder = Seq$.MODULE$.newBuilder();
        if (corsConfig().supportsCredentials()) {
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_CREDENTIALS()), "true"));
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), str));
        } else if (corsConfig().anyOriginAllowed()) {
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), "*"));
        } else {
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), str));
        }
        if (corsConfig().exposedHeaders().nonEmpty()) {
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_EXPOSE_HEADERS()), corsConfig().exposedHeaders().mkString(",")));
        } else {
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        }
        return result.withHeaders((Seq) newBuilder.result());
    }

    private default Accumulator<ByteString, Result> handlePreFlightCORSRequest(RequestHeader requestHeader) {
        Accumulator<ByteString, Result> handleInvalidCORSRequest;
        Accumulator<ByteString, Result> accumulator;
        List list;
        Option option = requestHeader.headers().get(HeaderNames$.MODULE$.ORIGIN());
        Predef$.MODULE$.assume(option.isDefined(), () -> {
            return "The presence of the ORIGIN header should guaranteed at this point.";
        });
        String str = (String) option.get();
        if (!BoxesRunTime.unboxToBoolean(corsConfig().allowedOrigins().apply(str))) {
            return handleInvalidCORSRequest(requestHeader);
        }
        Some some = requestHeader.headers().get(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_METHOD());
        if (None$.MODULE$.equals(some)) {
            accumulator = handleInvalidCORSRequest(requestHeader);
        } else {
            if (!(some instanceof Some)) {
                throw new MatchError(some);
            }
            String trim = ((String) some.value()).trim();
            Function1<String, Object> isHttpMethodAllowed = corsConfig().isHttpMethodAllowed();
            if (play$filters$cors$AbstractCORSPolicy$$SupportedHttpMethods().contains(trim) && BoxesRunTime.unboxToBoolean(isHttpMethodAllowed.apply(trim))) {
                Some some2 = requestHeader.headers().get(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_HEADERS());
                if (None$.MODULE$.equals(some2)) {
                    list = List$.MODULE$.empty();
                } else {
                    if (!(some2 instanceof Some)) {
                        throw new MatchError(some2);
                    }
                    list = new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(new StringOps(Predef$.MODULE$.augmentString(((String) some2.value()).trim())).split(','))).iterator().map(str2 -> {
                        return str2.trim().toLowerCase(Locale.ENGLISH);
                    }).toList();
                }
                List list2 = list;
                Function1<String, Object> isHttpHeaderAllowed = corsConfig().isHttpHeaderAllowed();
                if (list2.forall(str3 -> {
                    return BoxesRunTime.boxToBoolean($anonfun$handlePreFlightCORSRequest$3(isHttpHeaderAllowed, str3));
                })) {
                    Builder newBuilder = Seq$.MODULE$.newBuilder();
                    if (corsConfig().supportsCredentials()) {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_CREDENTIALS()), "true"));
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), str));
                    } else if (corsConfig().anyOriginAllowed()) {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), "*"));
                    } else {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), str));
                    }
                    if (corsConfig().preflightMaxAge().toSeconds() > 0) {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_MAX_AGE()), Long.toString(corsConfig().preflightMaxAge().toSeconds())));
                    } else {
                        BoxedUnit boxedUnit = BoxedUnit.UNIT;
                    }
                    newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_METHODS()), trim));
                    if (list2.nonEmpty()) {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_HEADERS()), list2.mkString(",")));
                    } else {
                        BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
                    }
                    handleInvalidCORSRequest = Accumulator$.MODULE$.done(Results$.MODULE$.Ok().withHeaders((Seq) newBuilder.result()));
                } else {
                    handleInvalidCORSRequest = handleInvalidCORSRequest(requestHeader);
                }
            } else {
                handleInvalidCORSRequest = handleInvalidCORSRequest(requestHeader);
            }
            accumulator = handleInvalidCORSRequest;
        }
        return accumulator;
    }

    private default Accumulator<ByteString, Result> handleInvalidCORSRequest(RequestHeader requestHeader) {
        mo3logger().warn(() -> {
            return new StringBuilder(38).append("Invalid CORS request;Origin=").append(requestHeader.headers().get(HeaderNames$.MODULE$.ORIGIN())).append(";Method=").append(requestHeader.method()).append(";").append(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_HEADERS()).append("=").append(requestHeader.headers().get(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_HEADERS())).toString();
        }, MarkerContexts$SecurityMarkerContext$.MODULE$);
        return Accumulator$.MODULE$.done(Future$.MODULE$.successful(Results$.MODULE$.Forbidden()));
    }

    private default boolean isValidOrigin(String str) {
        if (str != null ? str.equals("null") : "null" == 0) {
            return true;
        }
        if (str.contains("%")) {
            return false;
        }
        try {
            return new URI(str).getScheme() != null;
        } catch (URISyntaxException unused) {
            return false;
        }
    }

    private default boolean isSameOrigin(String str, RequestHeader requestHeader) {
        URI uri = new URI(str.toLowerCase(Locale.ENGLISH));
        URI uri2 = new URI(new StringBuilder(0).append(requestHeader.secure() ? "https://" : "http://").append(requestHeader.host().toLowerCase(Locale.ENGLISH)).toString());
        Tuple3 tuple3 = new Tuple3(uri.getScheme(), uri.getHost(), BoxesRunTime.boxToInteger(uri.getPort()));
        Tuple3 tuple32 = new Tuple3(uri2.getScheme(), uri2.getHost(), BoxesRunTime.boxToInteger(uri2.getPort()));
        return tuple3 != null ? tuple3.equals(tuple32) : tuple32 == null;
    }

    static /* synthetic */ boolean $anonfun$handlePreFlightCORSRequest$3(Function1 function1, String str) {
        return BoxesRunTime.unboxToBoolean(function1.apply(str));
    }
}
