package org.killbill.billing.server.filters;

import com.google.common.base.Joiner;
import com.google.common.base.MoreObjects;
import com.google.common.collect.ImmutableList;
import java.io.IOException;
import javax.inject.Singleton;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Singleton
/* loaded from: input_file:WEB-INF/classes/org/killbill/billing/server/filters/ResponseCorsFilter.class */
public class ResponseCorsFilter implements Filter {
    private final String allowedHeaders = Joiner.on(",").join(ImmutableList.of("Authorization", "Content-Type", "Location", "X-Killbill-ApiKey", "X-Killbill-ApiSecret", "X-Killbill-Comment", "X-Killbill-CreatedBy", "X-Killbill-Pagination-CurrentOffset", "X-Killbill-Pagination-MaxNbRecords", "X-Killbill-Pagination-NextOffset", "X-Killbill-Pagination-NextPageUri", "X-Killbill-Pagination-TotalNbRecords", "X-Killbill-Reason"));

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletResponse.addHeader("Access-Control-Allow-Origin", (String) MoreObjects.firstNonNull(((HttpServletRequest) servletRequest).getHeader("Origin"), "*"));
        httpServletResponse.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS");
        httpServletResponse.addHeader("Access-Control-Allow-Headers", this.allowedHeaders);
        httpServletResponse.addHeader("Access-Control-Expose-Headers", this.allowedHeaders);
        httpServletResponse.addHeader("Access-Control-Allow-Credentials", "true");
        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }
}
