package cn.gtmap.gtc.starter.gcas.config;

import cn.gtmap.gtc.starter.gcas.annotation.FirewalldAspect;
import cn.gtmap.gtc.starter.gcas.filter.xss.XssFilter;
import cn.gtmap.gtc.starter.gcas.property.CorsProperties;
import cn.gtmap.gtc.starter.gcas.property.XssProperties;
import java.util.ArrayList;
import java.util.Iterator;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.util.StringUtils;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@EnableConfigurationProperties({CorsProperties.class, XssProperties.class})
@Configuration
/* loaded from: input_file:cn/gtmap/gtc/starter/gcas/config/FilterConfiguration.class */
public class FilterConfiguration {

    @Value("${filter.xss.sample:false}")
    private String xssSample;

    @Bean({"gtmapXssFilter"})
    public FilterRegistrationBean gtmapXssFilter(XssProperties xssProperties) {
        boolean z = true;
        if ("false".equals(this.xssSample)) {
            z = false;
        }
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(new XssFilter(xssProperties.getPath(), xssProperties.isJson(), xssProperties.getExclude(), z), new ServletRegistrationBean[0]);
        filterRegistrationBean.setOrder(1);
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"filter.cors.path"})
    @Bean({"gtmapCorsFilter"})
    public FilterRegistrationBean corsFilter(CorsProperties corsProperties) {
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowedOrigins(new ArrayList(StringUtils.commaDelimitedListToSet(corsProperties.getOrigins())));
        corsConfiguration.setAllowCredentials(Boolean.valueOf(corsProperties.isCredentials()));
        corsConfiguration.setAllowedHeaders(new ArrayList(StringUtils.commaDelimitedListToSet(corsProperties.getHeaders())));
        corsConfiguration.setAllowedMethods(new ArrayList(StringUtils.commaDelimitedListToSet(corsProperties.getMethods().toUpperCase())));
        Iterator it = StringUtils.commaDelimitedListToSet(corsProperties.getPath()).iterator();
        while (it.hasNext()) {
            urlBasedCorsConfigurationSource.registerCorsConfiguration((String) it.next(), corsConfiguration);
        }
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(new CorsFilter(urlBasedCorsConfigurationSource), new ServletRegistrationBean[0]);
        filterRegistrationBean.setOrder(0);
        return filterRegistrationBean;
    }

    @Bean
    public FirewalldAspect firewalldAspect() {
        return new FirewalldAspect();
    }
}
