package com.manydesigns.portofino.servlets;

import java.util.EnumSet;
import java.util.Set;
import javax.servlet.FilterRegistration;
import javax.servlet.ServletContainerInitializer;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/manydesigns/portofino/servlets/CorsServletContainerInitializer.class */
public class CorsServletContainerInitializer implements ServletContainerInitializer {
    private static final Logger logger = LoggerFactory.getLogger(CorsServletContainerInitializer.class);
    public static final String TOMCAT_CORS_FILTER = "org.apache.catalina.filters.CorsFilter";
    public static final String JETTY_CORS_FILTER = "org.eclipse.jetty.servlets.CrossOriginFilter";
    public static final String DEFAULT_ALLOWED_HEADERS = "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Accept-Encoding, Accept-Language, Cache-Control, Connection, Host, Referer, User-Agent, X-Portofino-API-Version";
    public static final String DEFAULT_EXPOSED_HEADERS = "Access-Control-Allow-Origin, Access-Control-Allow-Credentials, X-Portofino-Pretty-Name, X-Portofino-Message, X-Portofino-API-Version";

    public void onStartup(Set<Class<?>> set, ServletContext servletContext) throws ServletException {
        if (servletContext.getInitParameter("cors.configured.externally") != null) {
            logger.info("CORS filter configured externally.");
            return;
        }
        String initParameter = servletContext.getInitParameter("cors.allowed.headers");
        if (initParameter == null) {
            initParameter = DEFAULT_ALLOWED_HEADERS;
        }
        String initParameter2 = servletContext.getInitParameter("cors.exposed.headers");
        if (initParameter2 == null) {
            initParameter2 = DEFAULT_EXPOSED_HEADERS;
        }
        String initParameter3 = servletContext.getInitParameter("cors.allowed.origins");
        boolean z = false;
        try {
            Class.forName(TOMCAT_CORS_FILTER);
            FilterRegistration.Dynamic addFilter = servletContext.addFilter("corsFilter", TOMCAT_CORS_FILTER);
            logger.info("Installing Tomcat CORS filter");
            addFilter.setInitParameter("cors.allowed.headers", initParameter);
            addFilter.setInitParameter("cors.exposed.headers", initParameter2);
            addFilter.setInitParameter("cors.allowed.methods", "DELETE, GET, POST, PUT");
            if (StringUtils.isEmpty(initParameter3)) {
                addFilter.setInitParameter("cors.allowed.origins", "*");
            } else {
                addFilter.setInitParameter("cors.allowed.origins", initParameter3);
            }
            addFilter.addMappingForUrlPatterns((EnumSet) null, false, new String[]{"/*"});
            z = true;
        } catch (ClassNotFoundException e) {
            logger.debug("Tomcat CORS filter not available.", e);
        }
        try {
            Class.forName(JETTY_CORS_FILTER);
            FilterRegistration.Dynamic addFilter2 = servletContext.addFilter("corsFilter", JETTY_CORS_FILTER);
            logger.info("Installing Jetty CORS filter");
            addFilter2.setInitParameter("allowedHeaders", initParameter);
            addFilter2.setInitParameter("exposedHeaders", initParameter2);
            addFilter2.setInitParameter("allowedMethods", "DELETE, GET, POST, PUT");
            if (!StringUtils.isEmpty(initParameter3)) {
                addFilter2.setInitParameter("allowedOrigins", initParameter3);
            }
            addFilter2.addMappingForUrlPatterns((EnumSet) null, false, new String[]{"/*"});
            z = true;
        } catch (ClassNotFoundException e2) {
            logger.debug("Jetty CORS filter not available.", e2);
        }
        if (z) {
            return;
        }
        logger.warn("No CORS Filter configured. Make sure you configure CORS for your server if you're accessing the API from a browser on a different domain.");
    }
}
