package pt.unl.di.novasys.babel.webservices.utils;

import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
import jakarta.ws.rs.container.ContainerResponseContext;
import jakarta.ws.rs.container.ContainerResponseFilter;
import jakarta.ws.rs.core.Response;
import java.io.IOException;

/* loaded from: input_file:pt/unl/di/novasys/babel/webservices/utils/CORSFilter.class */
public class CORSFilter implements ContainerRequestFilter, ContainerResponseFilter {
    private static final String ORIGIN_PATTERN = "^https?:\\/\\/localhost:[0-9]{1,5}";

    private static boolean isPreflightRequest(ContainerRequestContext containerRequestContext) {
        return containerRequestContext.getHeaderString("Origin") != null && containerRequestContext.getMethod().equalsIgnoreCase("OPTIONS");
    }

    private boolean validateOrigin(String str) {
        return str.matches(ORIGIN_PATTERN);
    }

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (isPreflightRequest(containerRequestContext)) {
            containerRequestContext.abortWith(Response.ok().build());
        }
    }

    public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException {
        if (containerRequestContext.getHeaderString("Origin") == null) {
            return;
        }
        if (isPreflightRequest(containerRequestContext)) {
            containerResponseContext.getHeaders().add("Access-Control-Allow-Credentials", "true");
            containerResponseContext.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
            containerResponseContext.getHeaders().add("Access-Control-Allow-Headers", "X-Requested-With,Content-Type,Content-Length,Authorization,Accept,Origin,Cache-Control,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method");
        }
        String headerString = containerRequestContext.getHeaderString("Origin");
        if (validateOrigin(headerString)) {
            containerResponseContext.getHeaders().add("Access-Control-Allow-Origin", headerString);
        }
    }
}
