package play.filters.cors;

import akka.util.ByteString;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import play.api.LoggerLike;
import play.api.MarkerContexts$SecurityMarkerContext$;
import play.api.http.HeaderNames$;
import play.api.http.HttpErrorHandler;
import play.api.http.HttpVerbs$;
import play.api.libs.streams.Accumulator;
import play.api.libs.streams.Accumulator$;
import play.api.mvc.EssentialAction;
import play.api.mvc.RequestHeader;
import play.api.mvc.Result;
import play.api.mvc.Results$;
import play.core.Execution$;
import play.core.Execution$Implicits$;
import scala.Function1;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.StringContext;
import scala.Tuple2;
import scala.Tuple3;
import scala.collection.Seq;
import scala.collection.Seq$;
import scala.collection.immutable.List;
import scala.collection.immutable.List$;
import scala.collection.immutable.Set;
import scala.collection.immutable.StringOps;
import scala.collection.mutable.ArrayOps;
import scala.collection.mutable.Builder;
import scala.collection.package$;
import scala.concurrent.Future$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;

/* compiled from: AbstractCORSPolicy.scala */
@ScalaSignature(bytes = "\u0006\u0003\u0005\u001da\u0001C\u0001\u0003!\u0003\r\tA\u0001\u0005\u0003%\u0005\u00137\u000f\u001e:bGR\u001cuJU*Q_2L7-\u001f\u0006\u0003\u0007\u0011\tAaY8sg*\u0011QAB\u0001\bM&dG/\u001a:t\u0015\u00059\u0011\u0001\u00029mCf\u001c\"\u0001A\u0005\u0011\u0005)iQ\"A\u0006\u000b\u00031\tQa]2bY\u0006L!AD\u0006\u0003\r\u0005s\u0017PU3g\u0011\u0015\u0001\u0002\u0001\"\u0001\u0013\u0003\u0019!\u0013N\\5uI\r\u0001A#A\n\u0011\u0005)!\u0012BA\u000b\f\u0005\u0011)f.\u001b;\t\u000f]\u0001!\u0019!D\t1\u00051An\\4hKJ,\u0012!\u0007\t\u00035ui\u0011a\u0007\u0006\u00039\u0019\t1!\u00199j\u0013\tq2D\u0001\u0006M_\u001e<WM\u001d'jW\u0016DQ\u0001\t\u0001\u0007\u0012\u0005\n!bY8sg\u000e{gNZ5h+\u0005\u0011\u0003CA\u0012%\u001b\u0005\u0011\u0011BA\u0013\u0003\u0005)\u0019uJU*D_:4\u0017n\u001a\u0005\u0006O\u00011\t\u0002K\u0001\rKJ\u0014xN\u001d%b]\u0012dWM]\u000b\u0002SA\u0011!&L\u0007\u0002W)\u0011AfG\u0001\u0005QR$\b/\u0003\u0002/W\t\u0001\u0002\n\u001e;q\u000bJ\u0014xN\u001d%b]\u0012dWM\u001d\u0005\ba\u0001\u0011\r\u0011\"\u00032\u0003Q\u0019V\u000f\u001d9peR,G\r\u0013;ua6+G\u000f[8egV\t!\u0007E\u00024uur!\u0001\u000e\u001d\u0011\u0005UZQ\"\u0001\u001c\u000b\u0005]\n\u0012A\u0002\u001fs_>$h(\u0003\u0002:\u0017\u00051\u0001K]3eK\u001aL!a\u000f\u001f\u0003\u0007M+GO\u0003\u0002:\u0017A\u00111GP\u0005\u0003\u007fq\u0012aa\u0015;sS:<\u0007\"B!\u0001\t#\u0011\u0015!\u00044jYR,'OU3rk\u0016\u001cH\u000fF\u0002D3z\u0003B\u0001R%L'6\tQI\u0003\u0002G\u000f\u000691\u000f\u001e:fC6\u001c(B\u0001%\u001c\u0003\u0011a\u0017NY:\n\u0005)+%aC!dGVlW\u000f\\1u_J\u0004\"\u0001T)\u000e\u00035S!AT(\u0002\tU$\u0018\u000e\u001c\u0006\u0002!\u0006!\u0011m[6b\u0013\t\u0011VJ\u0001\u0006CsR,7\u000b\u001e:j]\u001e\u0004\"\u0001V,\u000e\u0003US!AV\u000e\u0002\u0007548-\u0003\u0002Y+\n1!+Z:vYRDQA\u0017!A\u0002m\u000bAA\\3yiB\u0011A\u000bX\u0005\u0003;V\u0013q\"R:tK:$\u0018.\u00197BGRLwN\u001c\u0005\u0006?\u0002\u0003\r\u0001Y\u0001\be\u0016\fX/Z:u!\t!\u0016-\u0003\u0002c+\ni!+Z9vKN$\b*Z1eKJDQ\u0001\u001a\u0001\u0005\n\u0015\f\u0011\u0003[1oI2,7i\u0014*T%\u0016\fX/Z:u)\r\u0019em\u001a\u0005\u00065\u000e\u0004\ra\u0017\u0005\u0006?\u000e\u0004\r\u0001\u0019\u0005\u0006S\u0002!IA[\u0001\u000fC\u0012$7i\u001c:t\u0011\u0016\fG-\u001a:t)\r\u00196.\u001c\u0005\u0006Y\"\u0004\raU\u0001\u0007e\u0016\u001cX\u000f\u001c;\t\u000b9D\u0007\u0019A\u001f\u0002\r=\u0014\u0018nZ5o\u0011\u0015\u0001\b\u0001\"\u0003r\u0003iA\u0017M\u001c3mKB\u0013XM\u00127jO\"$8i\u0014*T%\u0016\fX/Z:u)\t\u0019%\u000fC\u0003`_\u0002\u0007\u0001\rC\u0003u\u0001\u0011%Q/\u0001\riC:$G.Z%om\u0006d\u0017\u000eZ\"P%N\u0013V-];fgR$\"a\u0011<\t\u000b}\u001b\b\u0019\u00011\t\u000ba\u0004A\u0011B=\u0002\u001b%\u001ch+\u00197jI>\u0013\u0018nZ5o)\tQX\u0010\u0005\u0002\u000bw&\u0011Ap\u0003\u0002\b\u0005>|G.Z1o\u0011\u0015qw\u000f1\u0001>\u0011\u0019y\b\u0001\"\u0003\u0002\u0002\u0005a\u0011n]*b[\u0016|%/[4j]R)!0a\u0001\u0002\u0006!)aN a\u0001{!)qL a\u0001A\u0002")
/* loaded from: input_file:play/filters/cors/AbstractCORSPolicy.class */
public interface AbstractCORSPolicy {
    void play$filters$cors$AbstractCORSPolicy$_setter_$play$filters$cors$AbstractCORSPolicy$$SupportedHttpMethods_$eq(Set<String> set);

    /* renamed from: logger */
    LoggerLike mo3logger();

    CORSConfig corsConfig();

    HttpErrorHandler errorHandler();

    Set<String> play$filters$cors$AbstractCORSPolicy$$SupportedHttpMethods();

    default Accumulator<ByteString, Result> filterRequest(EssentialAction essentialAction, RequestHeader requestHeader) {
        Accumulator<ByteString, Result> handleInvalidCORSRequest;
        Tuple2 tuple2 = new Tuple2(requestHeader.headers().get(HeaderNames$.MODULE$.ORIGIN()), requestHeader.method());
        if (tuple2 != null) {
            if (None$.MODULE$.equals((Option) tuple2._1())) {
                handleInvalidCORSRequest = (Accumulator) essentialAction.apply(requestHeader);
                return handleInvalidCORSRequest.map(result -> {
                    return result.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                }, Execution$.MODULE$.trampoline());
            }
        }
        if (tuple2 != null) {
            Some some = (Option) tuple2._1();
            if (some instanceof Some) {
                String str = (String) some.value();
                if (str.isEmpty() || !isValidOrigin(str)) {
                    handleInvalidCORSRequest = corsConfig().serveForbiddenOrigins() ? (Accumulator) essentialAction.apply(requestHeader) : handleInvalidCORSRequest(requestHeader);
                    return handleInvalidCORSRequest.map(result2 -> {
                        return result2.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result2.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                    }, Execution$.MODULE$.trampoline());
                }
            }
        }
        if (tuple2 != null) {
            Some some2 = (Option) tuple2._1();
            if ((some2 instanceof Some) && isSameOrigin((String) some2.value(), requestHeader)) {
                handleInvalidCORSRequest = (Accumulator) essentialAction.apply(requestHeader);
                return handleInvalidCORSRequest.map(result22 -> {
                    return result22.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result22.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                }, Execution$.MODULE$.trampoline());
            }
        }
        if (tuple2 != null) {
            String str2 = (String) tuple2._2();
            String OPTIONS = HttpVerbs$.MODULE$.OPTIONS();
            if (OPTIONS != null ? OPTIONS.equals(str2) : str2 == null) {
                Some some3 = requestHeader.headers().get(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_METHOD());
                handleInvalidCORSRequest = None$.MODULE$.equals(some3) ? handleCORSRequest(essentialAction, requestHeader) : ((some3 instanceof Some) && "".equals((String) some3.value())) ? handleInvalidCORSRequest(requestHeader) : handlePreFlightCORSRequest(requestHeader);
                return handleInvalidCORSRequest.map(result222 -> {
                    return result222.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result222.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                }, Execution$.MODULE$.trampoline());
            }
        }
        if (tuple2 != null) {
            if (play$filters$cors$AbstractCORSPolicy$$SupportedHttpMethods().contains((String) tuple2._2())) {
                handleInvalidCORSRequest = handleCORSRequest(essentialAction, requestHeader);
                return handleInvalidCORSRequest.map(result2222 -> {
                    return result2222.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result2222.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
                }, Execution$.MODULE$.trampoline());
            }
        }
        handleInvalidCORSRequest = handleInvalidCORSRequest(requestHeader);
        return handleInvalidCORSRequest.map(result22222 -> {
            return result22222.withHeaders(Predef$.MODULE$.wrapRefArray(new Tuple2[]{result22222.header().varyWith(Predef$.MODULE$.wrapRefArray(new String[]{HeaderNames$.MODULE$.ORIGIN()}))}));
        }, Execution$.MODULE$.trampoline());
    }

    private default Accumulator<ByteString, Result> handleCORSRequest(EssentialAction essentialAction, RequestHeader requestHeader) {
        Accumulator done;
        Option option = requestHeader.headers().get(HeaderNames$.MODULE$.ORIGIN());
        Predef$.MODULE$.assume(option.isDefined(), () -> {
            return "The presence of the ORIGIN header should guaranteed at this point.";
        });
        String str = (String) option.get();
        if (!BoxesRunTime.unboxToBoolean(corsConfig().allowedOrigins().apply(str))) {
            return corsConfig().serveForbiddenOrigins() ? (Accumulator) essentialAction.apply(requestHeader) : handleInvalidCORSRequest(requestHeader);
        }
        RequestHeader addAttr = requestHeader.addAttr(CORSFilter$Attrs$.MODULE$.Origin(), str);
        try {
            done = ((Accumulator) essentialAction.apply(addAttr)).recoverWith(new AbstractCORSPolicy$$anonfun$1(this, addAttr), Execution$Implicits$.MODULE$.trampoline());
        } catch (Throwable th) {
            done = Accumulator$.MODULE$.done(errorHandler().onServerError(addAttr, th));
        }
        return done.map(result -> {
            return this.addCorsHeaders(result, str);
        }, Execution$Implicits$.MODULE$.trampoline());
    }

    /* JADX INFO: Access modifiers changed from: private */
    default Result addCorsHeaders(Result result, String str) {
        Builder newBuilder = Seq$.MODULE$.newBuilder();
        if (corsConfig().supportsCredentials()) {
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_CREDENTIALS()), "true"));
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), str));
        } else if (corsConfig().anyOriginAllowed()) {
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), "*"));
        } else {
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), str));
        }
        if (corsConfig().exposedHeaders().nonEmpty()) {
            newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_EXPOSE_HEADERS()), corsConfig().exposedHeaders().mkString(",")));
        } else {
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        }
        return result.withHeaders((Seq) newBuilder.result());
    }

    private default Accumulator<ByteString, Result> handlePreFlightCORSRequest(RequestHeader requestHeader) {
        Accumulator<ByteString, Result> handleInvalidCORSRequest;
        Accumulator<ByteString, Result> accumulator;
        List list;
        Option option = requestHeader.headers().get(HeaderNames$.MODULE$.ORIGIN());
        Predef$.MODULE$.assume(option.isDefined(), () -> {
            return "The presence of the ORIGIN header should guaranteed at this point.";
        });
        String str = (String) option.get();
        if (!BoxesRunTime.unboxToBoolean(corsConfig().allowedOrigins().apply(str))) {
            return handleInvalidCORSRequest(requestHeader);
        }
        Some some = requestHeader.headers().get(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_METHOD());
        if (None$.MODULE$.equals(some)) {
            accumulator = handleInvalidCORSRequest(requestHeader);
        } else {
            if (!(some instanceof Some)) {
                throw new MatchError(some);
            }
            String trim = ((String) some.value()).trim();
            Function1<String, Object> isHttpMethodAllowed = corsConfig().isHttpMethodAllowed();
            if (play$filters$cors$AbstractCORSPolicy$$SupportedHttpMethods().contains(trim) && BoxesRunTime.unboxToBoolean(isHttpMethodAllowed.apply(trim))) {
                Some some2 = requestHeader.headers().get(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_HEADERS());
                if (None$.MODULE$.equals(some2)) {
                    list = List$.MODULE$.empty();
                } else {
                    if (!(some2 instanceof Some)) {
                        throw new MatchError(some2);
                    }
                    list = (List) new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(new StringOps(Predef$.MODULE$.augmentString(((String) some2.value()).trim())).split(','))).map(str2 -> {
                        return str2.trim().toLowerCase(Locale.ENGLISH);
                    }, package$.MODULE$.breakOut(List$.MODULE$.canBuildFrom()));
                }
                List list2 = list;
                Function1<String, Object> isHttpHeaderAllowed = corsConfig().isHttpHeaderAllowed();
                if (list2.forall(str3 -> {
                    return BoxesRunTime.boxToBoolean($anonfun$handlePreFlightCORSRequest$3(isHttpHeaderAllowed, str3));
                })) {
                    Builder newBuilder = Seq$.MODULE$.newBuilder();
                    if (corsConfig().supportsCredentials()) {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_CREDENTIALS()), "true"));
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), str));
                    } else if (corsConfig().anyOriginAllowed()) {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), "*"));
                    } else {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_ORIGIN()), str));
                    }
                    if (corsConfig().preflightMaxAge().toSeconds() > 0) {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_MAX_AGE()), BoxesRunTime.boxToLong(corsConfig().preflightMaxAge().toSeconds()).toString()));
                    } else {
                        BoxedUnit boxedUnit = BoxedUnit.UNIT;
                    }
                    newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_METHODS()), trim));
                    if (list2.nonEmpty()) {
                        newBuilder.$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(HeaderNames$.MODULE$.ACCESS_CONTROL_ALLOW_HEADERS()), list2.mkString(",")));
                    } else {
                        BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
                    }
                    handleInvalidCORSRequest = Accumulator$.MODULE$.done(Results$.MODULE$.Ok().withHeaders((Seq) newBuilder.result()));
                } else {
                    handleInvalidCORSRequest = handleInvalidCORSRequest(requestHeader);
                }
            } else {
                handleInvalidCORSRequest = handleInvalidCORSRequest(requestHeader);
            }
            accumulator = handleInvalidCORSRequest;
        }
        return accumulator;
    }

    private default Accumulator<ByteString, Result> handleInvalidCORSRequest(RequestHeader requestHeader) {
        mo3logger().warn(() -> {
            return new StringContext(Predef$.MODULE$.wrapRefArray(new String[]{"Invalid CORS request;Origin=", ";Method=", ";", "=", ""})).s(Predef$.MODULE$.genericWrapArray(new Object[]{requestHeader.headers().get(HeaderNames$.MODULE$.ORIGIN()), requestHeader.method(), HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_HEADERS(), requestHeader.headers().get(HeaderNames$.MODULE$.ACCESS_CONTROL_REQUEST_HEADERS())}));
        }, MarkerContexts$SecurityMarkerContext$.MODULE$);
        return Accumulator$.MODULE$.done(Future$.MODULE$.successful(Results$.MODULE$.Forbidden()));
    }

    private default boolean isValidOrigin(String str) {
        if (str.contains("%")) {
            return false;
        }
        try {
            return new URI(str).getScheme() != null;
        } catch (URISyntaxException unused) {
            return false;
        }
    }

    private default boolean isSameOrigin(String str, RequestHeader requestHeader) {
        URI uri = new URI(str.toLowerCase(Locale.ENGLISH));
        URI uri2 = new URI((requestHeader.secure() ? "https://" : "http://") + requestHeader.host().toLowerCase(Locale.ENGLISH));
        Tuple3 tuple3 = new Tuple3(uri.getScheme(), uri.getHost(), BoxesRunTime.boxToInteger(uri.getPort()));
        Tuple3 tuple32 = new Tuple3(uri2.getScheme(), uri2.getHost(), BoxesRunTime.boxToInteger(uri2.getPort()));
        return tuple3 != null ? tuple3.equals(tuple32) : tuple32 == null;
    }

    static /* synthetic */ boolean $anonfun$handlePreFlightCORSRequest$3(Function1 function1, String str) {
        return BoxesRunTime.unboxToBoolean(function1.apply(str));
    }
}
