package io.micronaut.views.csp;

import io.micronaut.core.util.StringUtils;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.MutableHttpResponse;
import io.micronaut.http.annotation.Filter;
import io.micronaut.http.filter.HttpServerFilter;
import io.micronaut.http.filter.ServerFilterChain;
import io.reactivex.Flowable;
import javax.annotation.Nullable;
import org.reactivestreams.Publisher;

@Filter({"${micronaut.views.csp.filter-path:/**}"})
/* loaded from: input_file:io/micronaut/views/csp/CspFilter.class */
public class CspFilter implements HttpServerFilter {
    public static final String CSP_HEADER = "Content-Security-Policy";
    public static final String CSP_REPORT_ONLY_HEADER = "Content-Security-Policy-Report-Only";
    public static final String NONCE_PROPERTY = "cspNonce";
    public static final String NONCE_TOKEN = "{#nonceValue}";
    protected final CspConfiguration cspConfiguration;

    public CspFilter(CspConfiguration cspConfiguration) {
        this.cspConfiguration = cspConfiguration;
    }

    @Nullable
    private String nonceValue() {
        if (this.cspConfiguration.isNonceEnabled()) {
            return this.cspConfiguration.generateNonce();
        }
        return null;
    }

    public Publisher<MutableHttpResponse<?>> doFilter(HttpRequest<?> httpRequest, ServerFilterChain serverFilterChain) {
        String nonceValue = nonceValue();
        return Flowable.fromPublisher(serverFilterChain.proceed(httpRequest.setAttribute(NONCE_PROPERTY, nonceValue))).doOnNext(mutableHttpResponse -> {
            this.cspConfiguration.getPolicyDirectives().map(StringUtils::trimToNull).ifPresent(str -> {
                String str;
                String str2 = this.cspConfiguration.isReportOnly() ? CSP_REPORT_ONLY_HEADER : CSP_HEADER;
                if (!str.contains(NONCE_TOKEN)) {
                    str = str;
                } else {
                    if (nonceValue == null) {
                        throw new IllegalArgumentException("Must enable CSP nonce generation to use '{#nonceValue}' placeholder.");
                    }
                    str = str.replace(NONCE_TOKEN, nonceValue);
                }
                mutableHttpResponse.getHeaders().add(str2, str);
            });
        });
    }
}
