package org.restcomm.connect.rvd.http.cors;

import com.google.common.net.HttpHeaders;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;
import java.io.File;
import java.util.List;
import javax.ws.rs.ext.Provider;
import org.restcomm.connect.rvd.RvdConfiguration;

@Provider
/* loaded from: input_file:WEB-INF/classes/org/restcomm/connect/rvd/http/cors/CorsFilter.class */
public class CorsFilter implements ContainerResponseFilter {
    List<String> allowedOrigins;

    public CorsFilter() {
        String file = CorsFilter.class.getClassLoader().getResource("rvd.version").getFile();
        this.allowedOrigins = RvdConfiguration.loadRvdXmlConfig(new File(file.substring(0, file.indexOf("/classes/")) + "/rvd.xml").getAbsolutePath()).getAllowedCorsOrigins();
    }

    @Override // com.sun.jersey.spi.container.ContainerResponseFilter
    public ContainerResponse filter(ContainerRequest containerRequest, ContainerResponse containerResponse) {
        String headerValue = containerRequest.getHeaderValue(HttpHeaders.ORIGIN);
        if (headerValue != null && this.allowedOrigins != null && !this.allowedOrigins.isEmpty() && (this.allowedOrigins.contains(headerValue) || this.allowedOrigins.contains("*"))) {
            containerResponse.getHttpHeaders().add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, headerValue);
            containerResponse.getHttpHeaders().add(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "origin, content-type, accept, authorization");
            containerResponse.getHttpHeaders().add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
            containerResponse.getHttpHeaders().add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, DELETE, OPTIONS, HEAD");
            containerResponse.getHttpHeaders().add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "1209600");
        }
        return containerResponse;
    }
}
