package org.swisspush.gateleen.core.cors;

import io.vertx.core.http.HttpMethod;
import io.vertx.core.http.HttpServerRequest;
import org.slf4j.Logger;
import org.swisspush.gateleen.core.http.RequestLoggerFactory;
import org.swisspush.gateleen.core.util.StatusCode;

/* loaded from: input_file:org/swisspush/gateleen/core/cors/CORSHandler.class */
public class CORSHandler {
    private boolean addCORSheaders;

    public boolean isOptionsRequest(HttpServerRequest httpServerRequest) {
        return HttpMethod.OPTIONS == httpServerRequest.method();
    }

    public CORSHandler() {
        this.addCORSheaders = false;
        this.addCORSheaders = Boolean.parseBoolean(System.getProperty("org.swisspush.gateleen.addcorsheaders"));
    }

    public void handle(HttpServerRequest httpServerRequest) {
        Logger logger = RequestLoggerFactory.getLogger((Class<?>) CORSHandler.class, httpServerRequest);
        addCORSHeaders(httpServerRequest, logger);
        if (isOptionsRequest(httpServerRequest)) {
            logger.info("Got OPTIONS request. Respond with statusCode 200");
            httpServerRequest.response().setStatusCode(StatusCode.OK.getStatusCode());
            httpServerRequest.response().end();
        }
    }

    private void addCORSHeaders(HttpServerRequest httpServerRequest, Logger logger) {
        String str = httpServerRequest.headers().get("Origin");
        if (!this.addCORSheaders || str == null) {
            return;
        }
        httpServerRequest.response().headers().set("Access-Control-Allow-Origin", str);
        httpServerRequest.response().headers().set("Access-Control-Allow-Credentials", "true");
        httpServerRequest.response().headers().set("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE");
        if (HttpMethod.OPTIONS == httpServerRequest.method()) {
            httpServerRequest.response().headers().set("Access-Control-Allow-Headers", httpServerRequest.headers().get("Access-Control-Request-Headers"));
        }
        logger.debug("Setting Access-Control-Allow-Origin headers");
    }
}
