package org.http4s.server.middleware;

import cats.Applicative;
import cats.Monad;
import cats.data.Kleisli;
import cats.data.OptionT$;
import cats.syntax.ApplicativeIdOps$;
import cats.syntax.package$all$;
import org.apache.commons.lang3.BooleanUtils;
import org.http4s.Header;
import org.http4s.Header$;
import org.http4s.Headers$;
import org.http4s.Method;
import org.http4s.Method$;
import org.http4s.Request;
import org.http4s.Response;
import org.http4s.Response$;
import org.http4s.Status$;
import org.http4s.headers.Access$minusControl$minusRequest$minusMethod$;
import org.http4s.headers.Origin;
import org.http4s.headers.Origin$;
import org.http4s.server.middleware.CORSPolicy;
import org.http4s.util.CaseInsensitiveString$;
import org.slf4j.LoggerFactory;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Some;
import scala.Tuple3;
import scala.Tuple4;
import scala.collection.immutable.Set;
import scala.concurrent.duration.Cpackage;
import scala.concurrent.duration.package$;
import scala.runtime.BoxesRunTime;
import scala.runtime.ScalaRunTime$;

/* compiled from: CORS.scala */
/* loaded from: input_file:org/http4s/server/middleware/CORS$.class */
public final class CORS$ {
    public static final CORS$ MODULE$ = new CORS$();
    private static final org.slf4j.Logger logger = LoggerFactory.getLogger("org.http4s.server.middleware.CORS");
    private static final CORSPolicy policy = new CORSPolicy(CORSPolicy$AllowOrigin$All$.MODULE$, CORSPolicy$AllowCredentials$Deny$.MODULE$, CORSPolicy$ExposeHeaders$None$.MODULE$, new CORSPolicy.AllowMethods.In((Set) Predef$.MODULE$.Set().apply2(ScalaRunTime$.MODULE$.wrapRefArray(new Method[]{(Method) Method$.MODULE$.GET(), (Method) Method$.MODULE$.HEAD(), (Method) Method$.MODULE$.PUT(), (Method) Method$.MODULE$.PATCH(), (Method) Method$.MODULE$.POST(), (Method) Method$.MODULE$.DELETE()}))), CORSPolicy$AllowHeaders$Reflect$.MODULE$, CORSPolicy$MaxAge$Default$.MODULE$);
    private static final Header.Raw defaultVaryHeader = Header$.MODULE$.apply("Vary", "Origin,Access-Control-Request-Method");

    public org.slf4j.Logger logger() {
        return logger;
    }

    public CORSPolicy policy() {
        return policy;
    }

    public Header.Raw defaultVaryHeader() {
        return defaultVaryHeader;
    }

    public CORSConfig DefaultCORSConfig() {
        return new CORSConfig(true, true, new Cpackage.DurationInt(package$.MODULE$.DurationInt(1)).day().toSeconds(), CORSConfig$.MODULE$.apply$default$4(), CORSConfig$.MODULE$.apply$default$5(), CORSConfig$.MODULE$.apply$default$6(), CORSConfig$.MODULE$.apply$default$7(), CORSConfig$.MODULE$.apply$default$8());
    }

    public <F, G> Kleisli<F, Request<G>, Response<G>> apply(Kleisli<F, Request<G>, Response<G>> kleisli, CORSConfig cORSConfig, Applicative<F> applicative) {
        if (cORSConfig.anyOrigin() && cORSConfig.allowCredentials()) {
            logger().warn("Insecure CORS config detected: `anyOrigin=true` and `allowCredentials=true` are mutually exclusive. `Access-Control-Allow-Credentials` header will not be sent. Change either flag to false to remove this warning.");
        }
        return new Kleisli<>(request -> {
            Object apply;
            Object pure$extension;
            Tuple3 tuple3 = new Tuple3(request.method(), Headers$.MODULE$.get$extension(request.headers(), Origin$.MODULE$), Headers$.MODULE$.get$extension(request.headers(), Access$minusControl$minusRequest$minusMethod$.MODULE$));
            if (tuple3 != null) {
                Method method = (Method) tuple3._1();
                Option option = (Option) tuple3._2();
                Option option2 = (Option) tuple3._3();
                Method.Semantics.Safe OPTIONS = Method$.MODULE$.OPTIONS();
                if (OPTIONS != null ? OPTIONS.equals(method) : method == null) {
                    if (option instanceof Some) {
                        Origin origin = (Origin) ((Some) option).value();
                        if (option2 instanceof Some) {
                            Header header = (Header) ((Some) option2).value();
                            if (allowCORS$1(origin, header, cORSConfig)) {
                                if (MODULE$.logger().isDebugEnabled()) {
                                    MODULE$.logger().debug(new StringBuilder(39).append("Serving OPTIONS with CORS headers for ").append(header).append(" ").append(request.uri()).toString());
                                }
                                apply = ApplicativeIdOps$.MODULE$.pure$extension(package$all$.MODULE$.catsSyntaxApplicativeId(createOptionsResponse$1(origin, header, cORSConfig)), applicative);
                                return apply;
                            }
                        }
                    }
                }
            }
            if (tuple3 != null) {
                Option option3 = (Option) tuple3._2();
                if (option3 instanceof Some) {
                    Origin origin2 = (Origin) ((Some) option3).value();
                    if (allowCORS$1(origin2, Header$.MODULE$.apply("Access-Control-Request-Method", request.method().renderString()), cORSConfig)) {
                        pure$extension = package$all$.MODULE$.toFunctorOps(kleisli.apply(request), applicative).map(response -> {
                            if (MODULE$.logger().isDebugEnabled()) {
                                MODULE$.logger().debug(new StringBuilder(24).append("Adding CORS headers to ").append(request.method()).append(" ").append(request.uri()).toString());
                            }
                            return corsHeaders$1(origin2.value(), request.method().renderString(), false, response, cORSConfig);
                        });
                    } else {
                        if (MODULE$.logger().isDebugEnabled()) {
                            MODULE$.logger().debug(new StringBuilder(30).append("CORS headers were denied for ").append(request.method()).append(" ").append(request.uri()).toString());
                        }
                        pure$extension = ApplicativeIdOps$.MODULE$.pure$extension(package$all$.MODULE$.catsSyntaxApplicativeId(new Response(Status$.MODULE$.Forbidden(), Response$.MODULE$.apply$default$2(), Response$.MODULE$.apply$default$3(), Response$.MODULE$.apply$default$4(), Response$.MODULE$.apply$default$5())), applicative);
                    }
                    apply = pure$extension;
                    return apply;
                }
            }
            apply = kleisli.apply(request);
            return apply;
        });
    }

    public <F, G> CORSConfig apply$default$2() {
        return DefaultCORSConfig();
    }

    public <F> Kleisli<?, Request<F>, Response<F>> httpRoutes(Kleisli<?, Request<F>, Response<F>> kleisli, Monad<F> monad) {
        return apply(kleisli, apply$default$2(), OptionT$.MODULE$.catsDataMonadErrorMonadForOptionT(monad));
    }

    public <F> Kleisli<F, Request<F>, Response<F>> httpApp(Kleisli<F, Request<F>, Response<F>> kleisli, Applicative<F> applicative) {
        return apply(kleisli, apply$default$2(), applicative);
    }

    private static final Response createOptionsResponse$1(Header header, Header header2, CORSConfig cORSConfig) {
        return corsHeaders$1(header.value(), header2.value(), true, new Response(Response$.MODULE$.apply$default$1(), Response$.MODULE$.apply$default$2(), Response$.MODULE$.apply$default$3(), Response$.MODULE$.apply$default$4(), Response$.MODULE$.apply$default$5()), cORSConfig);
    }

    private static final Option methodBasedHeader$1(boolean z, CORSConfig cORSConfig) {
        return z ? cORSConfig.allowedHeaders().map(set -> {
            return headerFromStrings$1("Access-Control-Allow-Headers", set);
        }) : cORSConfig.exposedHeaders().map(set2 -> {
            return headerFromStrings$1("Access-Control-Expose-Headers", set2);
        });
    }

    private static final Response varyHeader$1(Response response) {
        return None$.MODULE$.equals(Headers$.MODULE$.get$extension(response.headers(), CaseInsensitiveString$.MODULE$.apply("Vary"))) ? (Response) response.putHeaders(ScalaRunTime$.MODULE$.wrapRefArray(new Header[]{MODULE$.defaultVaryHeader()})) : response;
    }

    private static final Response allowCredentialsHeader$1(Response response, CORSConfig cORSConfig) {
        return (cORSConfig.anyOrigin() || !cORSConfig.allowCredentials()) ? response : (Response) response.putHeaders(ScalaRunTime$.MODULE$.wrapRefArray(new Header[]{Header$.MODULE$.apply("Access-Control-Allow-Credentials", BooleanUtils.TRUE)}));
    }

    private static final Response corsHeaders$1(String str, String str2, boolean z, Response response, CORSConfig cORSConfig) {
        return (Response) varyHeader$1(allowCredentialsHeader$1((Response) methodBasedHeader$1(z, cORSConfig).fold(() -> {
            return response;
        }, header -> {
            return (Response) response.putHeaders(ScalaRunTime$.MODULE$.wrapRefArray(new Header[]{header}));
        }), cORSConfig)).putHeaders(ScalaRunTime$.MODULE$.wrapRefArray(new Header[]{Header$.MODULE$.apply("Access-Control-Allow-Methods", (String) cORSConfig.allowedMethods().fold(() -> {
            return str2;
        }, set -> {
            return set.mkString("", ", ", "");
        })), Header$.MODULE$.apply("Access-Control-Allow-Origin", str), Header$.MODULE$.apply("Access-Control-Max-Age", Long.toString(cORSConfig.maxAge()))}));
    }

    public static final /* synthetic */ boolean $anonfun$apply$8(String str, Set set) {
        return set.contains(str);
    }

    public static final /* synthetic */ boolean $anonfun$apply$9(String str, Set set) {
        return set.contains(str);
    }

    private static final boolean allowCORS$1(Header header, Header header2, CORSConfig cORSConfig) {
        boolean z;
        Tuple4 tuple4 = new Tuple4(BoxesRunTime.boxToBoolean(cORSConfig.anyOrigin()), BoxesRunTime.boxToBoolean(cORSConfig.anyMethod()), header.value(), header2.value());
        if (tuple4 != null) {
            boolean unboxToBoolean = BoxesRunTime.unboxToBoolean(tuple4._1());
            boolean unboxToBoolean2 = BoxesRunTime.unboxToBoolean(tuple4._2());
            if (true == unboxToBoolean && true == unboxToBoolean2) {
                z = true;
                return z;
            }
        }
        if (tuple4 != null) {
            boolean unboxToBoolean3 = BoxesRunTime.unboxToBoolean(tuple4._1());
            boolean unboxToBoolean4 = BoxesRunTime.unboxToBoolean(tuple4._2());
            String str = (String) tuple4._4();
            if (true == unboxToBoolean3 && false == unboxToBoolean4) {
                z = cORSConfig.allowedMethods().exists(set -> {
                    return BoxesRunTime.boxToBoolean($anonfun$apply$8(str, set));
                });
                return z;
            }
        }
        if (tuple4 != null) {
            boolean unboxToBoolean5 = BoxesRunTime.unboxToBoolean(tuple4._1());
            boolean unboxToBoolean6 = BoxesRunTime.unboxToBoolean(tuple4._2());
            String str2 = (String) tuple4._3();
            if (false == unboxToBoolean5 && true == unboxToBoolean6) {
                z = BoxesRunTime.unboxToBoolean(cORSConfig.allowedOrigins().apply(str2));
                return z;
            }
        }
        if (tuple4 != null) {
            boolean unboxToBoolean7 = BoxesRunTime.unboxToBoolean(tuple4._1());
            boolean unboxToBoolean8 = BoxesRunTime.unboxToBoolean(tuple4._2());
            String str3 = (String) tuple4._3();
            String str4 = (String) tuple4._4();
            if (false == unboxToBoolean7 && false == unboxToBoolean8) {
                z = cORSConfig.allowedMethods().exists(set2 -> {
                    return BoxesRunTime.boxToBoolean($anonfun$apply$9(str4, set2));
                }) && BoxesRunTime.unboxToBoolean(cORSConfig.allowedOrigins().apply(str3));
                return z;
            }
        }
        throw new MatchError(tuple4);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final Header headerFromStrings$1(String str, Set set) {
        return Header$.MODULE$.apply(str, set.mkString("", ", ", ""));
    }

    private CORS$() {
    }
}
