package org.springframework.cloud.gateway.filter.factory;

import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.support.GatewayToStringStyler;
import org.springframework.http.HttpHeaders;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/springframework/cloud/gateway/filter/factory/SecureHeadersGatewayFilterFactory.class */
public class SecureHeadersGatewayFilterFactory extends AbstractGatewayFilterFactory<Config> {
    public static final String X_XSS_PROTECTION_HEADER = "X-Xss-Protection";
    public static final String STRICT_TRANSPORT_SECURITY_HEADER = "Strict-Transport-Security";
    public static final String X_FRAME_OPTIONS_HEADER = "X-Frame-Options";
    public static final String X_CONTENT_TYPE_OPTIONS_HEADER = "X-Content-Type-Options";
    public static final String REFERRER_POLICY_HEADER = "Referrer-Policy";
    public static final String CONTENT_SECURITY_POLICY_HEADER = "Content-Security-Policy";
    public static final String X_DOWNLOAD_OPTIONS_HEADER = "X-Download-Options";
    public static final String X_PERMITTED_CROSS_DOMAIN_POLICIES_HEADER = "X-Permitted-Cross-Domain-Policies";
    private final SecureHeadersProperties properties;

    /* loaded from: input_file:org/springframework/cloud/gateway/filter/factory/SecureHeadersGatewayFilterFactory$Config.class */
    public static class Config {
        private Set<String> routeEnabledHeaders = new HashSet();
        private Set<String> routeDisabledHeaders = new HashSet();
        private String routePermissionsPolicyHeaderValue;
        private boolean routeFilterConfigProvided;
        private String xssProtectionHeaderValue;
        private String strictTransportSecurityHeaderValue;
        private String frameOptionsHeaderValue;
        private String contentTypeOptionsHeaderValue;
        private String referrerPolicyHeaderValue;
        private String contentSecurityPolicyHeaderValue;
        private String downloadOptionsHeaderValue;
        private String permittedCrossDomainPoliciesHeaderValue;
        private String permissionPolicyHeaderValue;

        public Config withDefaults(SecureHeadersProperties secureHeadersProperties) {
            Config config = new Config();
            config.setEnable(this.routeEnabledHeaders);
            config.setDisable(this.routeDisabledHeaders);
            config.setPermissionsPolicy(this.routePermissionsPolicyHeaderValue);
            config.setXssProtectionHeaderValue(this.xssProtectionHeaderValue);
            config.setStrictTransportSecurityHeaderValue(this.strictTransportSecurityHeaderValue);
            config.setFrameOptionsHeaderValue(this.frameOptionsHeaderValue);
            config.setContentTypeOptionsHeaderValue(this.contentTypeOptionsHeaderValue);
            config.setReferrerPolicyHeaderValue(this.referrerPolicyHeaderValue);
            config.setContentSecurityPolicyHeaderValue(this.contentSecurityPolicyHeaderValue);
            config.setDownloadOptionsHeaderValue(this.downloadOptionsHeaderValue);
            config.setPermittedCrossDomainPoliciesHeaderValue(this.permittedCrossDomainPoliciesHeaderValue);
            config.setPermissionPolicyHeaderValue(this.permissionPolicyHeaderValue);
            if (config.xssProtectionHeaderValue == null) {
                config.xssProtectionHeaderValue = secureHeadersProperties.getXssProtectionHeader();
            }
            if (config.strictTransportSecurityHeaderValue == null) {
                config.strictTransportSecurityHeaderValue = secureHeadersProperties.getStrictTransportSecurity();
            }
            if (config.frameOptionsHeaderValue == null) {
                config.frameOptionsHeaderValue = secureHeadersProperties.getFrameOptions();
            }
            if (config.contentTypeOptionsHeaderValue == null) {
                config.contentTypeOptionsHeaderValue = secureHeadersProperties.getContentTypeOptions();
            }
            if (config.referrerPolicyHeaderValue == null) {
                config.referrerPolicyHeaderValue = secureHeadersProperties.getReferrerPolicy();
            }
            if (config.contentSecurityPolicyHeaderValue == null) {
                config.contentSecurityPolicyHeaderValue = secureHeadersProperties.getContentSecurityPolicy();
            }
            if (config.downloadOptionsHeaderValue == null) {
                config.downloadOptionsHeaderValue = secureHeadersProperties.getDownloadOptions();
            }
            if (config.permittedCrossDomainPoliciesHeaderValue == null) {
                config.permittedCrossDomainPoliciesHeaderValue = secureHeadersProperties.getPermittedCrossDomainPolicies();
            }
            if (config.permissionPolicyHeaderValue == null) {
                config.permissionPolicyHeaderValue = secureHeadersProperties.getPermissionsPolicy();
            }
            return config;
        }

        public String getXssProtectionHeaderValue() {
            return this.xssProtectionHeaderValue;
        }

        public void setXssProtectionHeaderValue(String str) {
            this.xssProtectionHeaderValue = str;
        }

        public String getStrictTransportSecurityHeaderValue() {
            return this.strictTransportSecurityHeaderValue;
        }

        public void setStrictTransportSecurityHeaderValue(String str) {
            this.strictTransportSecurityHeaderValue = str;
        }

        public String getFrameOptionsHeaderValue() {
            return this.frameOptionsHeaderValue;
        }

        public void setFrameOptionsHeaderValue(String str) {
            this.frameOptionsHeaderValue = str;
        }

        public String getContentTypeOptionsHeaderValue() {
            return this.contentTypeOptionsHeaderValue;
        }

        public void setContentTypeOptionsHeaderValue(String str) {
            this.contentTypeOptionsHeaderValue = str;
        }

        public String getReferrerPolicyHeaderValue() {
            return this.referrerPolicyHeaderValue;
        }

        public void setReferrerPolicyHeaderValue(String str) {
            this.referrerPolicyHeaderValue = str;
        }

        public String getContentSecurityPolicyHeaderValue() {
            return this.contentSecurityPolicyHeaderValue;
        }

        public void setContentSecurityPolicyHeaderValue(String str) {
            this.contentSecurityPolicyHeaderValue = str;
        }

        public String getDownloadOptionsHeaderValue() {
            return this.downloadOptionsHeaderValue;
        }

        public void setDownloadOptionsHeaderValue(String str) {
            this.downloadOptionsHeaderValue = this.downloadOptionsHeaderValue;
        }

        public String getPermittedCrossDomainPoliciesHeaderValue() {
            return this.permittedCrossDomainPoliciesHeaderValue;
        }

        public void setPermittedCrossDomainPoliciesHeaderValue(String str) {
            this.permittedCrossDomainPoliciesHeaderValue = str;
        }

        public String getPermissionPolicyHeaderValue() {
            return this.permissionPolicyHeaderValue;
        }

        public void setPermissionPolicyHeaderValue(String str) {
            this.permissionPolicyHeaderValue = str;
        }

        void setEnable(Set<String> set) {
            if (set != null) {
                this.routeFilterConfigProvided = true;
                this.routeEnabledHeaders = (Set) set.stream().map((v0) -> {
                    return v0.toLowerCase();
                }).collect(Collectors.toUnmodifiableSet());
            }
        }

        Set<String> getRouteEnabledHeaders() {
            return this.routeEnabledHeaders;
        }

        void setDisable(Set<String> set) {
            if (set != null) {
                this.routeFilterConfigProvided = true;
                this.routeDisabledHeaders = (Set) set.stream().map((v0) -> {
                    return v0.toLowerCase();
                }).collect(Collectors.toUnmodifiableSet());
            }
        }

        Set<String> getRouteDisabledHeaders() {
            return this.routeDisabledHeaders;
        }

        String getRoutePermissionsPolicyHeaderValue() {
            return this.routePermissionsPolicyHeaderValue;
        }

        void setPermissionsPolicy(String str) {
            this.routeFilterConfigProvided = true;
            this.routePermissionsPolicyHeaderValue = str;
        }

        boolean isRouteFilterConfigProvided() {
            return this.routeFilterConfigProvided;
        }
    }

    public SecureHeadersGatewayFilterFactory(SecureHeadersProperties secureHeadersProperties) {
        super(Config.class);
        this.properties = secureHeadersProperties;
    }

    @Override // org.springframework.cloud.gateway.filter.factory.GatewayFilterFactory
    public GatewayFilter apply(final Config config) {
        return new GatewayFilter() { // from class: org.springframework.cloud.gateway.filter.factory.SecureHeadersGatewayFilterFactory.1
            @Override // org.springframework.cloud.gateway.filter.GatewayFilter
            public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
                HttpHeaders headers = serverWebExchange.getResponse().getHeaders();
                Set<String> assembleHeaders = SecureHeadersGatewayFilterFactory.this.assembleHeaders(config, SecureHeadersGatewayFilterFactory.this.properties);
                Config withDefaults = config.withDefaults(SecureHeadersGatewayFilterFactory.this.properties);
                return gatewayFilterChain.filter(serverWebExchange).then(Mono.fromRunnable(() -> {
                    SecureHeadersGatewayFilterFactory.this.applySecurityHeaders(headers, assembleHeaders, withDefaults);
                }));
            }

            public String toString() {
                return GatewayToStringStyler.filterToStringCreator(SecureHeadersGatewayFilterFactory.this).toString();
            }
        };
    }

    private void applySecurityHeaders(HttpHeaders httpHeaders, Set<String> set, Config config) {
        String routePermissionsPolicyHeaderValue;
        addHeaderIfEnabled(httpHeaders, set, "X-Xss-Protection", config.getXssProtectionHeaderValue());
        addHeaderIfEnabled(httpHeaders, set, "Strict-Transport-Security", config.getStrictTransportSecurityHeaderValue());
        addHeaderIfEnabled(httpHeaders, set, "X-Frame-Options", config.getFrameOptionsHeaderValue());
        addHeaderIfEnabled(httpHeaders, set, "X-Content-Type-Options", config.getContentTypeOptionsHeaderValue());
        addHeaderIfEnabled(httpHeaders, set, "Referrer-Policy", config.getReferrerPolicyHeaderValue());
        addHeaderIfEnabled(httpHeaders, set, "Content-Security-Policy", config.getContentSecurityPolicyHeaderValue());
        addHeaderIfEnabled(httpHeaders, set, "X-Download-Options", config.getDownloadOptionsHeaderValue());
        addHeaderIfEnabled(httpHeaders, set, "X-Permitted-Cross-Domain-Policies", config.getPermittedCrossDomainPoliciesHeaderValue());
        String permissionPolicyHeaderValue = config.getPermissionPolicyHeaderValue();
        if (config.isRouteFilterConfigProvided() && (routePermissionsPolicyHeaderValue = config.getRoutePermissionsPolicyHeaderValue()) != null) {
            permissionPolicyHeaderValue = routePermissionsPolicyHeaderValue;
        }
        addHeaderIfEnabled(httpHeaders, set, SecureHeadersProperties.PERMISSIONS_POLICY_HEADER, permissionPolicyHeaderValue);
    }

    private Set<String> assembleHeaders(Config config, SecureHeadersProperties secureHeadersProperties) {
        HashSet hashSet = new HashSet(secureHeadersProperties.getDefaultHeaders());
        if (config.isRouteFilterConfigProvided()) {
            hashSet.addAll(config.getRouteEnabledHeaders());
            hashSet.removeAll(config.getRouteDisabledHeaders());
        } else {
            hashSet.addAll(secureHeadersProperties.getEnabledHeaders());
            hashSet.removeAll(secureHeadersProperties.getDisabledHeaders());
        }
        return hashSet;
    }

    private void addHeaderIfEnabled(HttpHeaders httpHeaders, Set<String> set, String str, String str2) {
        if (set.contains(str.toLowerCase(Locale.ROOT))) {
            httpHeaders.addIfAbsent(str, str2);
        }
    }
}
