package io.quarkus.devui.runtime;

import io.quarkus.vertx.http.runtime.cors.CORSConfig;
import io.quarkus.vertx.http.runtime.cors.CORSFilter;
import io.vertx.core.Handler;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.http.HttpServerResponse;
import io.vertx.ext.web.RoutingContext;
import java.time.Duration;
import java.util.List;
import java.util.Optional;
import org.eclipse.microprofile.config.ConfigProvider;
import org.jboss.logging.Logger;

/* loaded from: input_file:io/quarkus/devui/runtime/DevUICORSFilter.class */
public class DevUICORSFilter implements Handler<RoutingContext> {
    private static final Logger LOG = Logger.getLogger(DevUICORSFilter.class);
    private static final String HTTP_PORT_CONFIG_PROP = "quarkus.http.port";
    private static final String HTTPS_PORT_CONFIG_PROP = "quarkus.http.ssl-port";
    private static final String LOCAL_HOST = "localhost";
    private static final String LOCAL_HOST_IP = "127.0.0.1";
    private static final String HTTP_LOCAL_HOST = "http://localhost";
    private static final String HTTPS_LOCAL_HOST = "https://localhost";
    private static final String HTTP_LOCAL_HOST_IP = "http://127.0.0.1";
    private static final String HTTPS_LOCAL_HOST_IP = "https://127.0.0.1";
    private static final String CHROME_EXTENSION = "chrome-extension://";

    private static CORSFilter corsFilter() {
        final int intValue = ((Integer) ConfigProvider.getConfig().getValue(HTTP_PORT_CONFIG_PROP, Integer.TYPE)).intValue();
        final int intValue2 = ((Integer) ConfigProvider.getConfig().getValue(HTTPS_PORT_CONFIG_PROP, Integer.TYPE)).intValue();
        return new CORSFilter(new CORSConfig() { // from class: io.quarkus.devui.runtime.DevUICORSFilter.1
            @Override // io.quarkus.vertx.http.runtime.cors.CORSConfig
            public Optional<List<String>> origins() {
                return Optional.of(List.of("http://localhost:" + intValue, "http://127.0.0.1:" + intValue, "https://localhost:" + intValue2, "https://127.0.0.1:" + intValue2));
            }

            @Override // io.quarkus.vertx.http.runtime.cors.CORSConfig
            public Optional<List<String>> methods() {
                return Optional.empty();
            }

            @Override // io.quarkus.vertx.http.runtime.cors.CORSConfig
            public Optional<List<String>> headers() {
                return Optional.empty();
            }

            @Override // io.quarkus.vertx.http.runtime.cors.CORSConfig
            public Optional<List<String>> exposedHeaders() {
                return Optional.empty();
            }

            @Override // io.quarkus.vertx.http.runtime.cors.CORSConfig
            public Optional<Duration> accessControlMaxAge() {
                return Optional.empty();
            }

            @Override // io.quarkus.vertx.http.runtime.cors.CORSConfig
            public Optional<Boolean> accessControlAllowCredentials() {
                return Optional.empty();
            }
        });
    }

    public void handle(RoutingContext routingContext) {
        HttpServerRequest request = routingContext.request();
        HttpServerResponse response = routingContext.response();
        String header = request.getHeader(HttpHeaders.ORIGIN);
        if (header == null) {
            corsFilter().handle(routingContext);
            return;
        }
        if (header.startsWith(HTTP_LOCAL_HOST) || header.startsWith(HTTPS_LOCAL_HOST) || header.startsWith(HTTP_LOCAL_HOST_IP) || header.startsWith(HTTPS_LOCAL_HOST_IP)) {
            corsFilter().handle(routingContext);
            return;
        }
        if (!header.startsWith(CHROME_EXTENSION)) {
            LOG.errorf("Only localhost origin is allowed, but Origin header value is: %s", header);
        }
        response.setStatusCode(403);
        response.setStatusMessage("CORS Rejected - Invalid origin");
        response.end();
    }
}
