package org.springframework.web.socket.sockjs.support;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Random;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.websocket.Constants;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.InvalidMediaTypeException;
import org.springframework.http.MediaType;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.lang.Nullable;
import org.springframework.scheduling.TaskScheduler;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.util.DigestUtils;
import org.springframework.util.ObjectUtils;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.socket.WebSocketHandler;
import org.springframework.web.socket.sockjs.SockJsException;
import org.springframework.web.socket.sockjs.SockJsService;
import org.springframework.web.util.WebUtils;
import org.thymeleaf.engine.DocType;

/* loaded from: input_file:BOOT-INF/lib/spring-websocket-5.2.13.RELEASE.jar:org/springframework/web/socket/sockjs/support/AbstractSockJsService.class */
public abstract class AbstractSockJsService implements SockJsService, CorsConfigurationSource {
    private static final String XFRAME_OPTIONS_HEADER = "X-Frame-Options";
    private static final long ONE_YEAR = TimeUnit.DAYS.toSeconds(365);
    private static final Random random = new Random();
    private final TaskScheduler taskScheduler;
    protected final Log logger = LogFactory.getLog(getClass());
    private String name = "SockJSService@" + ObjectUtils.getIdentityHexString(this);
    private String clientLibraryUrl = "https://cdn.jsdelivr.net/sockjs/1.0.0/sockjs.min.js";
    private int streamBytesLimit = 131072;
    private boolean sessionCookieNeeded = true;
    private long heartbeatTime = TimeUnit.SECONDS.toMillis(25);
    private long disconnectDelay = TimeUnit.SECONDS.toMillis(5);
    private int httpMessageCacheSize = 100;
    private boolean webSocketEnabled = true;
    private boolean suppressCors = false;
    protected final Set<String> allowedOrigins = new LinkedHashSet();
    private final SockJsRequestHandler infoHandler = new InfoHandler();
    private final SockJsRequestHandler iframeHandler = new IframeHandler();

    /* loaded from: input_file:BOOT-INF/lib/spring-websocket-5.2.13.RELEASE.jar:org/springframework/web/socket/sockjs/support/AbstractSockJsService$IframeHandler.class */
    private class IframeHandler implements SockJsRequestHandler {
        private static final String IFRAME_CONTENT = "<!DOCTYPE html>\n<html>\n<head>\n  <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" />\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n  <script>\n    document.domain = document.domain;\n    _sockjs_onload = function(){SockJS.bootstrap_iframe();};\n  </script>\n  <script src=\"%s\"></script>\n</head>\n<body>\n  <h2>Don't panic!</h2>\n  <p>This is a SockJS hidden iframe. It's used for cross domain magic.</p>\n</body>\n</html>";

        private IframeHandler() {
        }

        @Override // org.springframework.web.socket.sockjs.support.AbstractSockJsService.SockJsRequestHandler
        public void handle(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) throws IOException {
            if (serverHttpRequest.getMethod() != HttpMethod.GET) {
                AbstractSockJsService.this.sendMethodNotAllowed(serverHttpResponse, HttpMethod.GET);
                return;
            }
            byte[] bytes = String.format(IFRAME_CONTENT, AbstractSockJsService.this.getSockJsClientLibraryUrl()).getBytes(StandardCharsets.UTF_8);
            StringBuilder sb = new StringBuilder("\"0");
            DigestUtils.appendMd5DigestAsHex(bytes, sb);
            sb.append('\"');
            String sb2 = sb.toString();
            List<String> ifNoneMatch = serverHttpRequest.getHeaders().getIfNoneMatch();
            if (!CollectionUtils.isEmpty(ifNoneMatch) && ifNoneMatch.get(0).equals(sb2)) {
                serverHttpResponse.setStatusCode(HttpStatus.NOT_MODIFIED);
                return;
            }
            serverHttpResponse.getHeaders().setContentType(new MediaType("text", DocType.DEFAULT_ELEMENT_NAME, StandardCharsets.UTF_8));
            serverHttpResponse.getHeaders().setContentLength(bytes.length);
            AbstractSockJsService.this.addNoCacheHeaders(serverHttpResponse);
            serverHttpResponse.getHeaders().setETag(sb2);
            serverHttpResponse.getBody().write(bytes);
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/spring-websocket-5.2.13.RELEASE.jar:org/springframework/web/socket/sockjs/support/AbstractSockJsService$InfoHandler.class */
    private class InfoHandler implements SockJsRequestHandler {
        private static final String INFO_CONTENT = "{\"entropy\":%s,\"origins\":[\"*:*\"],\"cookie_needed\":%s,\"websocket\":%s}";

        private InfoHandler() {
        }

        @Override // org.springframework.web.socket.sockjs.support.AbstractSockJsService.SockJsRequestHandler
        public void handle(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) throws IOException {
            if (serverHttpRequest.getMethod() == HttpMethod.GET) {
                AbstractSockJsService.this.addNoCacheHeaders(serverHttpResponse);
                if (AbstractSockJsService.this.checkOrigin(serverHttpRequest, serverHttpResponse, new HttpMethod[0])) {
                    serverHttpResponse.getHeaders().setContentType(new MediaType("application", "json", StandardCharsets.UTF_8));
                    serverHttpResponse.getBody().write(String.format(INFO_CONTENT, Integer.valueOf(AbstractSockJsService.random.nextInt()), Boolean.valueOf(AbstractSockJsService.this.isSessionCookieNeeded()), Boolean.valueOf(AbstractSockJsService.this.isWebSocketEnabled())).getBytes());
                    return;
                }
                return;
            }
            if (serverHttpRequest.getMethod() != HttpMethod.OPTIONS) {
                AbstractSockJsService.this.sendMethodNotAllowed(serverHttpResponse, HttpMethod.GET, HttpMethod.OPTIONS);
            } else if (AbstractSockJsService.this.checkOrigin(serverHttpRequest, serverHttpResponse, new HttpMethod[0])) {
                AbstractSockJsService.this.addCacheHeaders(serverHttpResponse);
                serverHttpResponse.setStatusCode(HttpStatus.NO_CONTENT);
            }
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/spring-websocket-5.2.13.RELEASE.jar:org/springframework/web/socket/sockjs/support/AbstractSockJsService$SockJsRequestHandler.class */
    private interface SockJsRequestHandler {
        void handle(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) throws IOException;
    }

    public AbstractSockJsService(TaskScheduler taskScheduler) {
        Assert.notNull(taskScheduler, "TaskScheduler must not be null");
        this.taskScheduler = taskScheduler;
    }

    public TaskScheduler getTaskScheduler() {
        return this.taskScheduler;
    }

    public void setName(String str) {
        this.name = str;
    }

    public String getName() {
        return this.name;
    }

    public void setSockJsClientLibraryUrl(String str) {
        this.clientLibraryUrl = str;
    }

    public String getSockJsClientLibraryUrl() {
        return this.clientLibraryUrl;
    }

    public void setStreamBytesLimit(int i) {
        this.streamBytesLimit = i;
    }

    public int getStreamBytesLimit() {
        return this.streamBytesLimit;
    }

    public void setSessionCookieNeeded(boolean z) {
        this.sessionCookieNeeded = z;
    }

    public boolean isSessionCookieNeeded() {
        return this.sessionCookieNeeded;
    }

    public void setHeartbeatTime(long j) {
        this.heartbeatTime = j;
    }

    public long getHeartbeatTime() {
        return this.heartbeatTime;
    }

    public void setDisconnectDelay(long j) {
        this.disconnectDelay = j;
    }

    public long getDisconnectDelay() {
        return this.disconnectDelay;
    }

    public void setHttpMessageCacheSize(int i) {
        this.httpMessageCacheSize = i;
    }

    public int getHttpMessageCacheSize() {
        return this.httpMessageCacheSize;
    }

    public void setWebSocketEnabled(boolean z) {
        this.webSocketEnabled = z;
    }

    public boolean isWebSocketEnabled() {
        return this.webSocketEnabled;
    }

    public void setSuppressCors(boolean z) {
        this.suppressCors = z;
    }

    public boolean shouldSuppressCors() {
        return this.suppressCors;
    }

    public void setAllowedOrigins(Collection<String> collection) {
        Assert.notNull(collection, "Allowed origins Collection must not be null");
        this.allowedOrigins.clear();
        this.allowedOrigins.addAll(collection);
    }

    public Collection<String> getAllowedOrigins() {
        return Collections.unmodifiableSet(this.allowedOrigins);
    }

    @Override // org.springframework.web.socket.sockjs.SockJsService
    public final void handleRequest(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse, @Nullable String str, WebSocketHandler webSocketHandler) throws SockJsException {
        if (str == null) {
            if (this.logger.isWarnEnabled()) {
                this.logger.warn("Expected SockJS path. Failing request: " + serverHttpRequest.getURI());
            }
            serverHttpResponse.setStatusCode(HttpStatus.NOT_FOUND);
            return;
        }
        try {
            serverHttpRequest.getHeaders();
        } catch (InvalidMediaTypeException e) {
        }
        String str2 = this.logger.isDebugEnabled() ? serverHttpRequest.getMethod() + StringUtils.SPACE + serverHttpRequest.getURI() : null;
        try {
            if (str.isEmpty() || str.equals("/")) {
                if (str2 != null) {
                    this.logger.debug("Processing transport request: " + str2);
                }
                serverHttpResponse.getHeaders().setContentType(new MediaType("text", "plain", StandardCharsets.UTF_8));
                serverHttpResponse.getBody().write("Welcome to SockJS!\n".getBytes(StandardCharsets.UTF_8));
            } else if (str.equals("/info")) {
                if (str2 != null) {
                    this.logger.debug("Processing transport request: " + str2);
                }
                this.infoHandler.handle(serverHttpRequest, serverHttpResponse);
            } else if (str.matches("/iframe[0-9-.a-z_]*.html")) {
                if (!this.allowedOrigins.isEmpty() && !this.allowedOrigins.contains("*")) {
                    if (str2 != null) {
                        this.logger.debug("Iframe support is disabled when an origin check is required. Ignoring transport request: " + str2);
                    }
                    serverHttpResponse.setStatusCode(HttpStatus.NOT_FOUND);
                    return;
                } else {
                    if (this.allowedOrigins.isEmpty()) {
                        serverHttpResponse.getHeaders().add("X-Frame-Options", "SAMEORIGIN");
                    }
                    if (str2 != null) {
                        this.logger.debug("Processing transport request: " + str2);
                    }
                    this.iframeHandler.handle(serverHttpRequest, serverHttpResponse);
                }
            } else if (!str.equals("/websocket")) {
                String[] strArr = org.springframework.util.StringUtils.tokenizeToStringArray(str.substring(1), "/");
                if (strArr.length != 3) {
                    if (this.logger.isWarnEnabled()) {
                        this.logger.warn("Invalid SockJS path '" + str + "' - required to have 3 path segments");
                    }
                    if (str2 != null) {
                        this.logger.debug("Ignoring transport request: " + str2);
                    }
                    serverHttpResponse.setStatusCode(HttpStatus.NOT_FOUND);
                    return;
                }
                String str3 = strArr[0];
                String str4 = strArr[1];
                String str5 = strArr[2];
                if (!isWebSocketEnabled() && str5.equals(Constants.UPGRADE_HEADER_VALUE)) {
                    if (str2 != null) {
                        this.logger.debug("WebSocket disabled. Ignoring transport request: " + str2);
                    }
                    serverHttpResponse.setStatusCode(HttpStatus.NOT_FOUND);
                    return;
                } else if (!validateRequest(str3, str4, str5) || !validatePath(serverHttpRequest)) {
                    if (str2 != null) {
                        this.logger.debug("Ignoring transport request: " + str2);
                    }
                    serverHttpResponse.setStatusCode(HttpStatus.NOT_FOUND);
                    return;
                } else {
                    if (str2 != null) {
                        this.logger.debug("Processing transport request: " + str2);
                    }
                    handleTransportRequest(serverHttpRequest, serverHttpResponse, webSocketHandler, str4, str5);
                }
            } else if (isWebSocketEnabled()) {
                if (str2 != null) {
                    this.logger.debug("Processing transport request: " + str2);
                }
                handleRawWebSocketRequest(serverHttpRequest, serverHttpResponse, webSocketHandler);
            } else if (str2 != null) {
                this.logger.debug("WebSocket disabled. Ignoring transport request: " + str2);
            }
            serverHttpResponse.close();
        } catch (IOException e2) {
            throw new SockJsException("Failed to write to the response", null, e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean validateRequest(String str, String str2, String str3) {
        if (!org.springframework.util.StringUtils.hasText(str) || !org.springframework.util.StringUtils.hasText(str2) || !org.springframework.util.StringUtils.hasText(str3)) {
            this.logger.warn("No server, session, or transport path segment in SockJS request.");
            return false;
        }
        if (!str.contains(".") && !str2.contains(".")) {
            return true;
        }
        this.logger.warn("Either server or session contains a \".\" which is not allowed by SockJS protocol.");
        return false;
    }

    private boolean validatePath(ServerHttpRequest serverHttpRequest) {
        String path = serverHttpRequest.getURI().getPath();
        return path.indexOf(59, path.lastIndexOf(47) + 1) == -1;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkOrigin(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse, HttpMethod... httpMethodArr) throws IOException {
        if (WebUtils.isSameOrigin(serverHttpRequest) || WebUtils.isValidOrigin(serverHttpRequest, this.allowedOrigins)) {
            return true;
        }
        if (this.logger.isWarnEnabled()) {
            this.logger.warn("Origin header value '" + serverHttpRequest.getHeaders().getOrigin() + "' not allowed.");
        }
        serverHttpResponse.setStatusCode(HttpStatus.FORBIDDEN);
        return false;
    }

    @Override // org.springframework.web.cors.CorsConfigurationSource
    @Nullable
    public CorsConfiguration getCorsConfiguration(HttpServletRequest httpServletRequest) {
        if (this.suppressCors || httpServletRequest.getHeader("Origin") == null) {
            return null;
        }
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowedOrigins(new ArrayList(this.allowedOrigins));
        corsConfiguration.addAllowedMethod("*");
        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.setMaxAge(Long.valueOf(ONE_YEAR));
        corsConfiguration.addAllowedHeader("*");
        return corsConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addCacheHeaders(ServerHttpResponse serverHttpResponse) {
        serverHttpResponse.getHeaders().setCacheControl("public, max-age=" + ONE_YEAR);
        serverHttpResponse.getHeaders().setExpires(new Date().getTime() + (ONE_YEAR * 1000));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addNoCacheHeaders(ServerHttpResponse serverHttpResponse) {
        serverHttpResponse.getHeaders().setCacheControl("no-store, no-cache, must-revalidate, max-age=0");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendMethodNotAllowed(ServerHttpResponse serverHttpResponse, HttpMethod... httpMethodArr) {
        this.logger.warn("Sending Method Not Allowed (405)");
        serverHttpResponse.setStatusCode(HttpStatus.METHOD_NOT_ALLOWED);
        serverHttpResponse.getHeaders().setAllow(new LinkedHashSet(Arrays.asList(httpMethodArr)));
    }

    protected abstract void handleRawWebSocketRequest(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse, WebSocketHandler webSocketHandler) throws IOException;

    protected abstract void handleTransportRequest(ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse, WebSocketHandler webSocketHandler, String str, String str2) throws SockJsException;
}
