package com.liferay.portal.remote.cors.internal.servlet.filter;

import com.liferay.oauth2.provider.scope.liferay.OAuth2ProviderScopeLiferayAccessControlContext;
import com.liferay.petra.url.pattern.mapper.URLPatternMapper;
import com.liferay.portal.configuration.persistence.listener.ConfigurationModelListener;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.security.permission.PermissionChecker;
import com.liferay.portal.kernel.security.permission.PermissionThreadLocal;
import com.liferay.portal.kernel.servlet.BaseFilter;
import com.liferay.portal.kernel.util.HashMapBuilder;
import com.liferay.portal.kernel.util.HashMapDictionary;
import com.liferay.portal.kernel.util.HttpComponentsUtil;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.remote.cors.internal.CORSSupport;
import com.liferay.portal.remote.cors.internal.configuration.persistence.listener.PortalCORSConfigurationModelListener;
import com.liferay.portal.remote.cors.internal.util.PortalCORSRegistryUtil;
import com.liferay.portal.util.PropsValues;
import java.util.Map;
import java.util.function.Function;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;

@Component(property = {"before-filter=Upload Servlet Request Filter", "dispatcher=FORWARD", "dispatcher=REQUEST", "servlet-context-name=", "servlet-filter-name=Portal CORS Servlet Filter", "url-pattern=/*"}, service = {Filter.class})
/* loaded from: input_file:com/liferay/portal/remote/cors/internal/servlet/filter/PortalCORSServletFilter.class */
public class PortalCORSServletFilter extends BaseFilter {
    private static final Log _log = LogFactoryUtil.getLog(PortalCORSServletFilter.class);
    private String _contextPath;

    @Reference
    private Portal _portal;
    private ServiceRegistration<ConfigurationModelListener> _serviceRegistration;

    public void init(FilterConfig filterConfig) {
        this._contextPath = filterConfig.getServletContext().getContextPath();
    }

    public boolean isFilterEnabled(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletRequest.getClass();
        return CORSSupport.isCORSRequest(httpServletRequest::getHeader);
    }

    @Activate
    protected void activate(BundleContext bundleContext, Map<String, Object> map) {
        this._serviceRegistration = bundleContext.registerService(ConfigurationModelListener.class, new PortalCORSConfigurationModelListener(PortalCORSRegistryUtil.getConfigurationPidsProperties()), new HashMapDictionary(HashMapBuilder.putAll(map).put("model.class.name", "com.liferay.portal.remote.cors.configuration.PortalCORSConfiguration").build()));
    }

    @Deactivate
    protected void deactivate() {
        if (this._serviceRegistration != null) {
            this._serviceRegistration.unregister();
        }
    }

    protected Log getLog() {
        return _log;
    }

    protected void processFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        CORSSupport cORSSupport;
        long companyId = this._portal.getCompanyId(httpServletRequest);
        if (companyId == 0) {
            return;
        }
        URLPatternMapper<CORSSupport> _getURLPatternMapper = _getURLPatternMapper(companyId);
        if (_getURLPatternMapper != null && (cORSSupport = (CORSSupport) _getURLPatternMapper.getValue(_getURI(httpServletRequest))) != null) {
            if (StringUtil.equals("OPTIONS", httpServletRequest.getMethod())) {
                httpServletRequest.getClass();
                if (cORSSupport.isValidCORSPreflightRequest(httpServletRequest::getHeader)) {
                    httpServletRequest.getClass();
                    Function<String, String> function = httpServletRequest::getHeader;
                    httpServletResponse.getClass();
                    cORSSupport.writeResponseHeaders(function, httpServletResponse::setHeader);
                    return;
                }
                return;
            }
            String method = httpServletRequest.getMethod();
            httpServletRequest.getClass();
            if (cORSSupport.isValidCORSRequest(method, httpServletRequest::getHeader) && (PropsValues.CORS_DISABLE_AUTHORIZATION_CONTEXT_CHECK || OAuth2ProviderScopeLiferayAccessControlContext.isOAuth2AuthVerified() || _isGuest())) {
                httpServletRequest.getClass();
                Function<String, String> function2 = httpServletRequest::getHeader;
                httpServletResponse.getClass();
                cORSSupport.writeResponseHeaders(function2, httpServletResponse::setHeader);
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private String _getURI(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        if (Validator.isNotNull(this._contextPath) && !this._contextPath.equals("/") && requestURI.startsWith(this._contextPath)) {
            requestURI = requestURI.substring(this._contextPath.length());
        }
        return HttpComponentsUtil.normalizePath(requestURI);
    }

    private URLPatternMapper<CORSSupport> _getURLPatternMapper(long j) {
        URLPatternMapper<CORSSupport> urlPatternMappers = PortalCORSRegistryUtil.getUrlPatternMappers(j);
        if (urlPatternMappers != null) {
            return urlPatternMappers;
        }
        URLPatternMapper<CORSSupport> urlPatternMappers2 = PortalCORSRegistryUtil.getUrlPatternMappers(0L);
        if (urlPatternMappers2 != null) {
            return urlPatternMappers2;
        }
        return null;
    }

    private boolean _isGuest() {
        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
        if (permissionChecker == null) {
            return true;
        }
        return permissionChecker.getUser().isGuestUser();
    }
}
