package com.almworks.structure.commons.security;

import com.atlassian.applinks.api.ReadOnlyApplicationLinkService;
import com.atlassian.cache.CacheManager;
import com.atlassian.event.api.EventPublisher;
import java.io.IOException;
import java.util.Arrays;
import java.util.Optional;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/lib/structure-shared-confluence-1.0.0.jar:com/almworks/structure/commons/security/SecurityFilter.class */
public class SecurityFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(SecurityFilter.class);
    private final SecurityInterceptorEnhancer myEnhancer;

    private SecurityFilter(SecurityInterceptorEnhancer securityInterceptorEnhancer) {
        this.myEnhancer = securityInterceptorEnhancer;
    }

    public SecurityFilter(ReadOnlyApplicationLinkService readOnlyApplicationLinkService, CacheManager cacheManager, EventPublisher eventPublisher) {
        this.myEnhancer = new SecurityInterceptorEnhancer(readOnlyApplicationLinkService, cacheManager, eventPublisher);
    }

    public void doFilter(final ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        try {
            if ((servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse)) {
                final HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
                HttpServletResponseWrapper httpServletResponseWrapper = new HttpServletResponseWrapper(httpServletResponse) { // from class: com.almworks.structure.commons.security.SecurityFilter.1
                    public void setHeader(String str, String str2) {
                        if (StringUtils.equalsIgnoreCase(str, HttpHeaders.CONTENT_SECURITY_POLICY) || SecurityFilter.this.shouldEnforceCSPHeader(servletRequest)) {
                            SecurityFilter.this.myEnhancer.setContentSecurityPolicy(httpServletResponse, str2);
                        } else if (StringUtils.equalsIgnoreCase(str, HttpHeaders.X_FRAME_OPTIONS)) {
                            SecurityFilter.this.myEnhancer.setXFrameOptions((HttpServletRequest) servletRequest, httpServletResponse, str2);
                        } else {
                            super.setHeader(str, str2);
                        }
                    }
                };
                Arrays.asList(HttpHeaders.CONTENT_SECURITY_POLICY, HttpHeaders.X_FRAME_OPTIONS).forEach(str -> {
                    httpServletResponseWrapper.setHeader(str, httpServletResponse.getHeader(str));
                });
                filterChain.doFilter(servletRequest, httpServletResponseWrapper);
            } else {
                filterChain.doFilter(servletRequest, servletResponse);
            }
        } catch (Exception e) {
            logger.error("Unexpected exception in servlet filter", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean shouldEnforceCSPHeader(HttpServletRequest httpServletRequest) {
        Optional map = Optional.ofNullable(httpServletRequest.getRequestURL()).map((v0) -> {
            return v0.toString();
        });
        return map.isPresent() && (isMacroBrowserIframe((String) map.get()) || isGadgetPluginRequest((String) map.get()));
    }

    private boolean isGadgetPluginRequest(String str) {
        return str.contains("/plugins/servlet/gadgets");
    }

    private boolean isMacroBrowserIframe(String str) {
        return str.contains("blank.html");
    }

    public void destroy() {
        logger.warn(this + " stopping");
        this.myEnhancer.destroy();
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }
}
