package com.atlassian.jira.security.xsrf;

import com.atlassian.http.url.SameOrigin;
import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.web.util.ChangeHistoryUtils;
import com.google.common.collect.ImmutableSet;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/atlassian/jira/security/xsrf/OriginChecker.class */
/**
 * Header-based origin test used by the XSRF protection code in this package.
 *
 * <p>{@link #isOriginAllowed(HttpServletRequest)} accepts a request when any one of the
 * following holds:
 * <ol>
 *   <li>the {@code Referer} header (query string stripped) is same-origin with the request URL;</li>
 *   <li>the {@code Origin} header is same-origin with the request URL;</li>
 *   <li>the {@code Origin} header is a hierarchical URI whose scheme is one of the configured
 *       browser-extension schemes.</li>
 * </ol>
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>The three tests are OR-ed, so a same-origin {@code Referer} is sufficient even when the
 *       {@code Origin} header names a different origin.</li>
 *   <li>The extension test looks at the URI scheme only; it does not distinguish one extension
 *       from another.</li>
 *   <li>A request carrying neither header fails all three tests and is reported as not
 *       allowed.</li>
 *   <li>Every parse failure is treated as "not allowed" (fail closed).</li>
 * </ul>
 */
public class OriginChecker {
    /** Name of the request header holding the initiating origin. */
    private static final String ORIGIN_HEADER = "Origin";

    /** Name of the request header holding the referring page URL. */
    private static final String REFERER_HEADER = "Referer";

    /**
     * Application property that overrides the allowed extension schemes. The key is reproduced
     * exactly as the code reads it, including the "browswer" spelling; an override stored under a
     * differently spelled key is not read by this class.
     */
    private static final String EXTENSION_ORIGINS_PROPERTY = "com.atlassian.jira.xsrf.allowed.browswer.extension.origins";

    /** Schemes accepted as browser-extension origins when the property above is unset. */
    private static final ImmutableSet<String> BROWSER_EXTENSION_ORIGINS = ImmutableSet.of("chrome-extension", "safari-extension");

    // Static utility holder; never instantiated.
    private OriginChecker() {
    }

    /**
     * Decides whether the request's {@code Origin} / {@code Referer} headers are acceptable.
     *
     * @param httpServletRequest the incoming request; its headers and request URL are read
     * @return {@code true} if the referrer or origin is same-origin with the request URL, or the
     *         origin is an allowed browser-extension origin; {@code false} otherwise
     */
    public static boolean isOriginAllowed(HttpServletRequest httpServletRequest) {
        final String origin = httpServletRequest.getHeader(ORIGIN_HEADER);
        final String referrer = getSanitisedReferrer(httpServletRequest);
        // NOTE(review): the comparison baseline is the URL the servlet container reports for this
        // request; behind a reverse proxy this presumably depends on connector/proxy settings -
        // confirm it matches the externally visible origin.
        final String requestUrl = httpServletRequest.getRequestURL().toString();

        if (isSameOrigin(referrer, requestUrl)) {
            return true;
        }
        if (isSameOrigin(origin, requestUrl)) {
            return true;
        }
        return isOriginABrowserExtension(origin);
    }

    /**
     * Tests whether an {@code Origin} header value denotes a browser extension.
     *
     * <p>The value must parse as a URI, its scheme must be an exact string match for one of the
     * configured extension schemes, and the URI must be hierarchical (opaque URIs such as
     * {@code scheme:rest} are rejected).
     *
     * @param str the raw {@code Origin} header value, may be {@code null} or empty
     * @return {@code true} only if all of the conditions above hold
     */
    public static boolean isOriginABrowserExtension(String str) {
        if (StringUtils.isEmpty(str)) {
            return false;
        }
        final URI candidate;
        try {
            candidate = new URI(str);
        } catch (URISyntaxException ignored) {
            // An unparseable header value is never treated as an extension origin.
            return false;
        }
        // Scheme membership is evaluated first, then the hierarchical-URI requirement.
        return getBrowserExtensionOrigins().contains(candidate.getScheme()) && !candidate.isOpaque();
    }

    /**
     * Returns the {@code Referer} header with everything from the first {@code '?'} removed, so
     * the query string never reaches the URI parser. A missing header yields {@code null}.
     */
    private static String getSanitisedReferrer(HttpServletRequest httpServletRequest) {
        final String rawReferrer = httpServletRequest.getHeader(REFERER_HEADER);
        return StringUtils.substringBefore(rawReferrer, "?");
    }

    /**
     * Compares a header-supplied URL with the request URL via {@link SameOrigin}.
     *
     * @param str  the header value to test; {@code null} or empty is never same-origin
     * @param str2 the request URL used as the baseline
     * @return the result of {@code SameOrigin.isSameOrigin}, or {@code false} when either value
     *         cannot be parsed or the comparison throws one of the caught exceptions
     */
    private static boolean isSameOrigin(String str, String str2) {
        if (StringUtils.isEmpty(str)) {
            return false;
        }
        try {
            return SameOrigin.isSameOrigin(new URI(str), new URI(str2));
        } catch (IllegalArgumentException | MalformedURLException | URISyntaxException ignored) {
            // Fail closed: a value that cannot be compared is not same-origin.
            return false;
        }
    }

    /**
     * Resolves the set of schemes treated as browser-extension origins.
     *
     * <p>An unset property falls back to the built-in defaults; an empty property yields an empty
     * set, which turns the extension allowance off. Otherwise the property is split and the
     * pieces are used verbatim - they are not trimmed, so whitespace around an entry becomes part
     * of the entry and will not match a URI scheme.
     */
    private static ImmutableSet<String> getBrowserExtensionOrigins() {
        final String configured = ComponentAccessor.getApplicationProperties().getDefaultBackedString(EXTENSION_ORIGINS_PROPERTY);
        if (configured == null) {
            return BROWSER_EXTENSION_ORIGINS;
        }
        if (configured.isEmpty()) {
            return ImmutableSet.of();
        }
        // NOTE(review): the separator is whatever ChangeHistoryUtils.TERMINATOR holds (its value is
        // not visible here) and String.split interprets it as a regex - confirm.
        return ImmutableSet.copyOf(configured.split(ChangeHistoryUtils.TERMINATOR));
    }
}
