package org.pac4j.core.matching.checker;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.pac4j.core.context.HttpConstants;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.matching.matcher.CacheControlMatcher;
import org.pac4j.core.matching.matcher.CorsMatcher;
import org.pac4j.core.matching.matcher.DefaultMatchers;
import org.pac4j.core.matching.matcher.HttpMethodMatcher;
import org.pac4j.core.matching.matcher.Matcher;
import org.pac4j.core.matching.matcher.StrictTransportSecurityMatcher;
import org.pac4j.core.matching.matcher.XContentTypeOptionsMatcher;
import org.pac4j.core.matching.matcher.XFrameOptionsMatcher;
import org.pac4j.core.matching.matcher.XSSProtectionMatcher;
import org.pac4j.core.matching.matcher.csrf.CsrfTokenGeneratorMatcher;
import org.pac4j.core.matching.matcher.csrf.DefaultCsrfTokenGenerator;
import org.pac4j.core.util.CommonHelper;

/* loaded from: input_file:WEB-INF/lib/pac4j-core-4.0.3.jar:org/pac4j/core/matching/checker/DefaultMatchingChecker.class */
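/**
 * Default {@link MatchingChecker}: turns a comma-separated list of matcher names into
 * {@link Matcher} instances and reports whether all of them accept the request.
 *
 * <p>Resolution rules, as implemented in {@link #matches}:
 * <ul>
 *   <li>A blank name list falls back to {@code "securityheaders,csrfToken"}.</li>
 *   <li>Built-in keywords are tested first, so a caller-supplied matcher registered under the
 *       same name as a keyword is never reached.</li>
 *   <li>{@code "none"} contributes no matcher; a list consisting only of {@code "none"}
 *       therefore replaces the default and runs nothing, including the security-header and
 *       CSRF-token matchers.</li>
 *   <li>Any other name must exist in the caller's map (or be one of the HTTP-method fallbacks);
 *       an unknown name fails the {@code assertNotNull} check instead of being ignored.</li>
 * </ul>
 */
public class DefaultMatchingChecker implements MatchingChecker {
    // Fallback HTTP-method matchers, used only when the caller's map has no entry under the same key.
    private static final Matcher GET_MATCHER = new HttpMethodMatcher(HttpConstants.HTTP_METHOD.GET);
    private static final Matcher POST_MATCHER = new HttpMethodMatcher(HttpConstants.HTTP_METHOD.POST);
    private static final Matcher PUT_MATCHER = new HttpMethodMatcher(HttpConstants.HTTP_METHOD.PUT);
    private static final Matcher DELETE_MATCHER = new HttpMethodMatcher(HttpConstants.HTTP_METHOD.DELETE);

    // Shared singletons behind the built-in keywords. They are package-visible and reused for
    // every request, so any mutation of them is process-wide.
    static final StrictTransportSecurityMatcher STRICT_TRANSPORT_MATCHER = new StrictTransportSecurityMatcher();
    static final XContentTypeOptionsMatcher X_CONTENT_TYPE_OPTIONS_MATCHER = new XContentTypeOptionsMatcher();
    static final XFrameOptionsMatcher X_FRAME_OPTIONS_MATCHER = new XFrameOptionsMatcher();
    static final XSSProtectionMatcher XSS_PROTECTION_MATCHER = new XSSProtectionMatcher();
    static final CacheControlMatcher CACHE_CONTROL_MATCHER = new CacheControlMatcher();
    static final CsrfTokenGeneratorMatcher CSRF_TOKEN_MATCHER = new CsrfTokenGeneratorMatcher(new DefaultCsrfTokenGenerator());
    static final CorsMatcher CORS_MATCHER = new CorsMatcher();

    static {
        // NOTE(security): the built-in CORS preset pairs a wildcard origin with credentials.
        // Browsers do not honour "Access-Control-Allow-Origin: *" on credentialed requests, so
        // this preset only behaves as intended for non-credentialed calls. How CorsMatcher
        // renders these settings is not visible here -- confirm before relying on it. A
        // deployment that needs credentialed cross-origin access should register its own
        // CorsMatcher with an explicit origin under a custom name rather than use this keyword.
        CORS_MATCHER.setAllowOrigin("*");
        CORS_MATCHER.setAllowCredentials(true);
        Set<HttpConstants.HTTP_METHOD> allowedMethods = new HashSet<>();
        allowedMethods.add(HttpConstants.HTTP_METHOD.GET);
        allowedMethods.add(HttpConstants.HTTP_METHOD.PUT);
        allowedMethods.add(HttpConstants.HTTP_METHOD.POST);
        allowedMethods.add(HttpConstants.HTTP_METHOD.DELETE);
        allowedMethods.add(HttpConstants.HTTP_METHOD.OPTIONS);
        CORS_MATCHER.setAllowMethods(allowedMethods);
    }

    /**
     * Resolves the requested matcher names and applies them to the request in list order.
     *
     * <p>Evaluation stops at the first matcher that returns {@code false}; matchers listed after
     * it are not invoked. The header and CSRF matchers presumably act through side effects on
     * the response (inferred from their names, not shown here), so listing a filtering matcher
     * such as an HTTP-method matcher before them means those side effects are skipped whenever
     * the filter rejects the request.
     *
     * @param webContext the current request context, passed to every resolved matcher
     * @param str comma-separated matcher names; blank selects {@code "securityheaders,csrfToken"}
     * @param map caller-defined matchers keyed by name; must not be {@code null}
     * @return {@code true} when every resolved matcher accepts the request, or when no matcher
     *         was resolved at all; {@code false} as soon as one rejects it
     */
    @Override
    public boolean matches(WebContext webContext, String str, Map<String, Matcher> map) {
        String matcherNames = CommonHelper.isBlank(str) ? "securityheaders,csrfToken" : str;
        List<Matcher> selected = new ArrayList<>();
        CommonHelper.assertNotNull("matchersMap", map);
        Map<String, Matcher> allMatchers = buildAllMatchers(map);

        for (String rawName : matcherNames.split(",")) {
            String name = rawName.trim();
            // Keywords come first: a custom matcher sharing a keyword's name is shadowed.
            if (DefaultMatchers.HSTS.equalsIgnoreCase(name)) {
                selected.add(STRICT_TRANSPORT_MATCHER);
            } else if ("nosniff".equalsIgnoreCase(name)) {
                selected.add(X_CONTENT_TYPE_OPTIONS_MATCHER);
            } else if (DefaultMatchers.NOFRAME.equalsIgnoreCase(name)) {
                selected.add(X_FRAME_OPTIONS_MATCHER);
            } else if (DefaultMatchers.XSSPROTECTION.equalsIgnoreCase(name)) {
                selected.add(XSS_PROTECTION_MATCHER);
            } else if (DefaultMatchers.NOCACHE.equalsIgnoreCase(name)) {
                selected.add(CACHE_CONTROL_MATCHER);
            } else if (DefaultMatchers.SECURITYHEADERS.equalsIgnoreCase(name)) {
                // Composite keyword: expands to the five header matchers, in this order.
                selected.add(CACHE_CONTROL_MATCHER);
                selected.add(X_CONTENT_TYPE_OPTIONS_MATCHER);
                selected.add(STRICT_TRANSPORT_MATCHER);
                selected.add(X_FRAME_OPTIONS_MATCHER);
                selected.add(XSS_PROTECTION_MATCHER);
            } else if (DefaultMatchers.CSRF_TOKEN.equalsIgnoreCase(name)) {
                selected.add(CSRF_TOKEN_MATCHER);
            } else if (DefaultMatchers.ALLOW_AJAX_REQUESTS.equalsIgnoreCase(name)) {
                selected.add(CORS_MATCHER);
            } else if (!"none".equalsIgnoreCase(name)) {
                Matcher custom = findMatcherByName(allMatchers, name);
                // Fail closed: a misspelled or unregistered name is an error, not a silent skip.
                CommonHelper.assertNotNull("allMatchers['" + name + "']", custom);
                selected.add(custom);
            }
        }

        // An empty selection (for example "none") falls through the loop and yields true.
        for (Matcher matcher : selected) {
            if (!matcher.matches(webContext)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Returns the first matcher whose key equals {@code name} ignoring case and surrounding
     * whitespace, or {@code null} when there is none.
     */
    private Matcher findMatcherByName(Map<String, Matcher> matchers, String name) {
        for (Map.Entry<String, Matcher> entry : matchers.entrySet()) {
            if (CommonHelper.areEqualsIgnoreCaseAndTrim(entry.getKey(), name)) {
                return entry.getValue();
            }
        }
        return null;
    }

    /**
     * Copies the caller's matchers into a new map and adds the GET/POST/PUT/DELETE fallbacks for
     * the keys the caller did not define. The caller's map is not modified.
     */
    private Map<String, Matcher> buildAllMatchers(Map<String, Matcher> map) {
        Map<String, Matcher> combined = new HashMap<>(map);
        addDefaultMatcherIfNotDefined(combined, DefaultMatchers.GET, GET_MATCHER);
        addDefaultMatcherIfNotDefined(combined, DefaultMatchers.POST, POST_MATCHER);
        addDefaultMatcherIfNotDefined(combined, DefaultMatchers.PUT, PUT_MATCHER);
        addDefaultMatcherIfNotDefined(combined, DefaultMatchers.DELETE, DELETE_MATCHER);
        return combined;
    }

    /**
     * Registers {@code matcher} under {@code str} unless that exact key is already present.
     *
     * <p>NOTE(review): the presence test is an exact, case-sensitive {@code containsKey}, while
     * lookup in {@link #matches} ignores case and surrounding whitespace. A caller key that
     * differs from the default key only in case ends up next to the fallback, and which of the
     * two is then selected depends on map iteration order -- verify against callers.
     */
    private void addDefaultMatcherIfNotDefined(Map<String, Matcher> map, String str, Matcher matcher) {
        if (!map.containsKey(str)) {
            map.put(str, matcher);
        }
    }
}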
