package org.eclipse.scout.rt.server.commons.servlet;

import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.Map;
import org.eclipse.scout.rt.platform.Bean;
import org.eclipse.scout.rt.platform.config.CONFIG;
import org.eclipse.scout.rt.platform.util.StringUtility;
import org.eclipse.scout.rt.server.commons.ServerCommonsConfigProperties;

@Bean
/* loaded from: input_file:org/eclipse/scout/rt/server/commons/servlet/ContentSecurityPolicy.class */
public class ContentSecurityPolicy {
    public static final String DIRECTIVE_SEPARATOR = "; ";
    public static final String SOURCE_SEPARATOR = " ";
    public static final String DIRECTIVE_BASE_URI = "base-uri";
    public static final String DIRECTIVE_IMG_SRC = "img-src";
    public static final String DIRECTIVE_STYLE_SRC = "style-src";
    public static final String DIRECTIVE_CHILD_SRC = "child-src";
    public static final String DIRECTIVE_CONNECT_SRC = "connect-src";
    public static final String DIRECTIVE_DEFAULT_SRC = "default-src";
    public static final String DIRECTIVE_FONT_SRC = "font-src";
    public static final String DIRECTIVE_FORM_ACTION = "form-action";
    public static final String DIRECTIVE_FRAME_ANCESTORS = "frame-ancestors";
    public static final String DIRECTIVE_MEDIA_SRC = "media-src";
    public static final String DIRECTIVE_OBJECT_SRC = "object-src";
    public static final String DIRECTIVE_PLUGIN_TYPES = "plugin-types";
    public static final String DIRECTIVE_REPORT_URI = "report-uri";
    public static final String DIRECTIVE_SANDBOX = "sandbox";
    public static final String DIRECTIVE_SCRIPT_SRC = "script-src";
    private final Map<String, String> m_directives = new LinkedHashMap();

    public ContentSecurityPolicy() {
        initDirectives();
    }

    protected void initDirectives() {
        withBaseUri(getConfiguredDefault(DIRECTIVE_BASE_URI, null));
        withImgSrc(getConfiguredDefault(DIRECTIVE_IMG_SRC, "'self'"));
        withStyleSrc(getConfiguredDefault(DIRECTIVE_STYLE_SRC, "'self' 'unsafe-inline'"));
        withChildSrc(getConfiguredDefault(DIRECTIVE_CHILD_SRC, "*"));
        withConnectSrc(getConfiguredDefault(DIRECTIVE_CONNECT_SRC, null));
        withDefaultSrc(getConfiguredDefault(DIRECTIVE_DEFAULT_SRC, "'self'"));
        withFontSrc(getConfiguredDefault(DIRECTIVE_FONT_SRC, null));
        withFormAction(getConfiguredDefault(DIRECTIVE_FORM_ACTION, null));
        withFrameAncestors(getConfiguredDefault(DIRECTIVE_FRAME_ANCESTORS, null));
        withMediaSrc(getConfiguredDefault(DIRECTIVE_MEDIA_SRC, null));
        withObjectSrc(getConfiguredDefault(DIRECTIVE_OBJECT_SRC, null));
        withPluginTypes(getConfiguredDefault(DIRECTIVE_PLUGIN_TYPES, null));
        withReportUri(getConfiguredDefault(DIRECTIVE_REPORT_URI, HttpServletControl.CSP_REPORT_URL));
        withSandbox(getConfiguredDefault(DIRECTIVE_SANDBOX, null));
        withScriptSrc(getConfiguredDefault(DIRECTIVE_SCRIPT_SRC, "'self'"));
    }

    protected String getConfiguredDefault(String str, String str2) {
        String str3;
        Map map = (Map) CONFIG.getPropertyValue(ServerCommonsConfigProperties.CspDirectiveProperty.class);
        if (map != null && (str3 = (String) map.get(str)) != null) {
            return str3;
        }
        return str2;
    }

    protected void putOrRemove(String str, String str2) {
        if (str2 == null) {
            this.m_directives.remove(str);
        } else {
            this.m_directives.put(str, str2);
        }
    }

    public final Map<String, String> getDirectives() {
        return this.m_directives;
    }

    public void empty() {
        this.m_directives.clear();
    }

    public ContentSecurityPolicy withBaseUri(String str) {
        putOrRemove(DIRECTIVE_BASE_URI, str);
        return this;
    }

    public ContentSecurityPolicy appendBaseUri(String str) {
        return addOrAppend(DIRECTIVE_BASE_URI, str);
    }

    public ContentSecurityPolicy withChildSrc(String str) {
        putOrRemove(DIRECTIVE_CHILD_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendChildSrc(String str) {
        return addOrAppend(DIRECTIVE_CHILD_SRC, str);
    }

    public ContentSecurityPolicy withConnectSrc(String str) {
        putOrRemove(DIRECTIVE_CONNECT_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendConnectSrc(String str) {
        return addOrAppend(DIRECTIVE_CONNECT_SRC, str);
    }

    public ContentSecurityPolicy withDefaultSrc(String str) {
        putOrRemove(DIRECTIVE_DEFAULT_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendDefaultSrc(String str) {
        return addOrAppend(DIRECTIVE_DEFAULT_SRC, str);
    }

    public ContentSecurityPolicy withFontSrc(String str) {
        putOrRemove(DIRECTIVE_FONT_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendFontSrc(String str) {
        return addOrAppend(DIRECTIVE_FONT_SRC, str);
    }

    public ContentSecurityPolicy withFormAction(String str) {
        putOrRemove(DIRECTIVE_FORM_ACTION, str);
        return this;
    }

    public ContentSecurityPolicy appendFormAction(String str) {
        return addOrAppend(DIRECTIVE_FORM_ACTION, str);
    }

    public ContentSecurityPolicy withFrameAncestors(String str) {
        putOrRemove(DIRECTIVE_FRAME_ANCESTORS, str);
        return this;
    }

    public ContentSecurityPolicy appendFrameAncestors(String str) {
        return addOrAppend(DIRECTIVE_FRAME_ANCESTORS, str);
    }

    public ContentSecurityPolicy withImgSrc(String str) {
        putOrRemove(DIRECTIVE_IMG_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendImgSrc(String str) {
        return addOrAppend(DIRECTIVE_IMG_SRC, str);
    }

    public ContentSecurityPolicy withMediaSrc(String str) {
        putOrRemove(DIRECTIVE_MEDIA_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendMediaSrc(String str) {
        return addOrAppend(DIRECTIVE_MEDIA_SRC, str);
    }

    public ContentSecurityPolicy withObjectSrc(String str) {
        putOrRemove(DIRECTIVE_OBJECT_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendObjectSrc(String str) {
        return addOrAppend(DIRECTIVE_OBJECT_SRC, str);
    }

    public ContentSecurityPolicy withPluginTypes(String str) {
        putOrRemove(DIRECTIVE_PLUGIN_TYPES, str);
        return this;
    }

    public ContentSecurityPolicy appendPluginTypes(String str) {
        return addOrAppend(DIRECTIVE_PLUGIN_TYPES, str);
    }

    public ContentSecurityPolicy withReportUri(String str) {
        putOrRemove(DIRECTIVE_REPORT_URI, str);
        return this;
    }

    public ContentSecurityPolicy appendReportUri(String str) {
        return addOrAppend(DIRECTIVE_REPORT_URI, str);
    }

    public ContentSecurityPolicy withSandbox(String str) {
        putOrRemove(DIRECTIVE_SANDBOX, str);
        return this;
    }

    public ContentSecurityPolicy appendSandbox(String str) {
        return addOrAppend(DIRECTIVE_SANDBOX, str);
    }

    public ContentSecurityPolicy withScriptSrc(String str) {
        putOrRemove(DIRECTIVE_SCRIPT_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendScriptSrc(String str) {
        return addOrAppend(DIRECTIVE_SCRIPT_SRC, str);
    }

    public ContentSecurityPolicy withStyleSrc(String str) {
        putOrRemove(DIRECTIVE_STYLE_SRC, str);
        return this;
    }

    public ContentSecurityPolicy appendStyleSrc(String str) {
        return addOrAppend(DIRECTIVE_STYLE_SRC, str);
    }

    protected ContentSecurityPolicy addOrAppend(String str, String str2) {
        if (str2 == null) {
            return this;
        }
        if (this.m_directives.containsKey(str)) {
            String str3 = this.m_directives.get(str);
            if (!StringUtility.containsString(str3, str2)) {
                this.m_directives.put(str, StringUtility.join(SOURCE_SEPARATOR, new Object[]{str3, str2}));
            }
        } else {
            this.m_directives.put(str, str2);
        }
        return this;
    }

    public String toToken() {
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, String> entry : this.m_directives.entrySet()) {
            if (entry.getKey() != null && entry.getValue() != null) {
                arrayList.add(StringUtility.join(SOURCE_SEPARATOR, new Object[]{entry.getKey(), entry.getValue()}));
            }
        }
        return StringUtility.join(DIRECTIVE_SEPARATOR, arrayList);
    }

    public String toString() {
        return toToken();
    }
}
