package org.mockserver.cors;

import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpMethod;
import org.mockserver.configuration.ConfigurationProperties;
import org.mockserver.model.Headers;
import org.mockserver.model.HttpRequest;
import org.mockserver.model.HttpResponse;

/* loaded from: input_file:org/mockserver/cors/CORSHeaders.class */
public class CORSHeaders {
    private static final String ANY_ORIGIN = "*";
    private static final String NULL_ORIGIN = "null";

    public static boolean isPreflightRequest(HttpRequest httpRequest) {
        Headers headers = httpRequest.getHeaders();
        boolean z = httpRequest.getMethod().getValue().equals(HttpMethod.OPTIONS.name()) && headers.containsEntry(HttpHeaderNames.ORIGIN.toString()) && headers.containsEntry(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString());
        if (z) {
            ConfigurationProperties.enableCORSForAPI(true);
        }
        return z;
    }

    public void addCORSHeaders(HttpRequest httpRequest, HttpResponse httpResponse) {
        String str;
        String firstHeader = httpRequest.getFirstHeader(HttpHeaderNames.ORIGIN.toString());
        if (NULL_ORIGIN.equals(firstHeader)) {
            setHeaderIfNotAlreadyExists(httpResponse, HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString(), NULL_ORIGIN);
        } else if (firstHeader.isEmpty() || !httpRequest.getFirstHeader(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS.toString()).equals("true")) {
            setHeaderIfNotAlreadyExists(httpResponse, HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString(), "*");
        } else {
            setHeaderIfNotAlreadyExists(httpResponse, HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString(), firstHeader);
            setHeaderIfNotAlreadyExists(httpResponse, HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS.toString(), "true");
        }
        setHeaderIfNotAlreadyExists(httpResponse, HttpHeaderNames.ACCESS_CONTROL_ALLOW_METHODS.toString(), "CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH, TRACE");
        str = "Allow, Content-Encoding, Content-Length, Content-Type, ETag, Expires, Last-Modified, Location, Server, Vary, Authorization";
        setHeaderIfNotAlreadyExists(httpResponse, HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS.toString(), httpRequest.getFirstHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString()).isEmpty() ? "Allow, Content-Encoding, Content-Length, Content-Type, ETag, Expires, Last-Modified, Location, Server, Vary, Authorization" : str + ", " + httpRequest.getFirstHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString()));
        setHeaderIfNotAlreadyExists(httpResponse, HttpHeaderNames.ACCESS_CONTROL_EXPOSE_HEADERS.toString(), "Allow, Content-Encoding, Content-Length, Content-Type, ETag, Expires, Last-Modified, Location, Server, Vary, Authorization");
        setHeaderIfNotAlreadyExists(httpResponse, HttpHeaderNames.ACCESS_CONTROL_MAX_AGE.toString(), "300");
    }

    private void setHeaderIfNotAlreadyExists(HttpResponse httpResponse, String str, String str2) {
        if (httpResponse.getFirstHeader(str).isEmpty()) {
            httpResponse.withHeader(str, str2);
        }
    }
}
