package com.golden.framework.boot.webs.config;

import com.golden.framework.boot.core.components.BaseBusiness;
import com.golden.framework.boot.utils.utils.StringUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.annotation.PostConstruct;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/lib/golden-framework-boot-webs-1.1-SNAPSHOT.jar:com/golden/framework/boot/webs/config/CorsFilter.class */
public class CorsFilter extends BaseBusiness implements Filter {

    @Value("${golden.web.cors.enabled:false}")
    private boolean isCorsEnabled;
    private List<String> origins;

    @PostConstruct
    public void init() {
        this.origins = new ArrayList();
        String property = this.environment.getProperty("golden.web.cors.domain");
        if (StringUtil.isNotNull(property)) {
            List<String> strToList = StringUtil.strToList(property, ",");
            if (StringUtil.isCollNotNull(strToList)) {
                Iterator<String> it = strToList.iterator();
                while (it.hasNext()) {
                    String trim = it.next().toLowerCase().trim();
                    if (trim.startsWith("http://") || trim.startsWith("https://")) {
                        trim = trim.substring(trim.indexOf("://") + 3);
                    }
                    if (trim.indexOf("/") > 0) {
                        trim = trim.substring(0, trim.indexOf("/"));
                    }
                    this.origins.add(trim);
                }
            }
        }
    }

    public static void main(String[] strArr) {
        System.out.println("https://aaa.bbb.com".substring("https://aaa.bbb.com".indexOf("://") + 3));
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        initCrosInfo((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse);
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private void initCrosInfo(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (this.isCorsEnabled) {
            String header = httpServletRequest.getHeader("origin");
            if (StringUtil.isNull(header)) {
                return;
            }
            if (StringUtil.isCollNotNull(this.origins)) {
                boolean z = false;
                Iterator<String> it = this.origins.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    } else if (header.indexOf(it.next()) >= 0) {
                        z = true;
                        break;
                    }
                }
                if (!z) {
                    this.log.info("跨域识别失败：域名[{}]不是允许跨域的域名，允许跨域域名为[{}]", header, StringUtil.listToStr(this.origins));
                    return;
                }
            }
            httpServletResponse.setHeader("Access-Control-Allow-Origin", header);
            httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
            httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
            httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
            httpServletResponse.setHeader("Access-Control-Allow-Headers", "Content-Type");
        }
    }
}
