package org.apereo.cas.services.web.support;

import java.util.Map;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apache.commons.lang3.BooleanUtils;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.security.ResponseHeadersEnforcementFilter;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.RegisteredServiceProperty;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.web.support.ArgumentExtractor;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-web-api-6.0.2.jar:org/apereo/cas/services/web/support/RegisteredServiceResponseHeadersEnforcementFilter.class */
public class RegisteredServiceResponseHeadersEnforcementFilter extends ResponseHeadersEnforcementFilter {
    private final ServicesManager servicesManager;
    private final ArgumentExtractor argumentExtractor;
    private final AuthenticationServiceSelectionPlan authenticationRequestServiceSelectionStrategies;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apereo.cas.security.ResponseHeadersEnforcementFilter
    public void decideInsertContentSecurityPolicyHeader(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        if (shouldHttpHeaderBeInjectedIntoResponse(httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_CONTENT_SECURITY_POLICY)) {
            super.insertContentSecurityPolicyHeader(httpServletResponse, httpServletRequest);
        } else {
            super.decideInsertContentSecurityPolicyHeader(httpServletResponse, httpServletRequest);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apereo.cas.security.ResponseHeadersEnforcementFilter
    public void decideInsertXSSProtectionHeader(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        if (shouldHttpHeaderBeInjectedIntoResponse(httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XSS_PROTECTION)) {
            super.insertXSSProtectionHeader(httpServletResponse, httpServletRequest);
        } else {
            super.decideInsertXSSProtectionHeader(httpServletResponse, httpServletRequest);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apereo.cas.security.ResponseHeadersEnforcementFilter
    public void decideInsertXFrameOptionsHeader(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        if (shouldHttpHeaderBeInjectedIntoResponse(httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XFRAME_OPTIONS)) {
            super.insertXFrameOptionsHeader(httpServletResponse, httpServletRequest, getStringProperty(httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_XFRAME_OPTIONS));
        } else {
            super.decideInsertXFrameOptionsHeader(httpServletResponse, httpServletRequest);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apereo.cas.security.ResponseHeadersEnforcementFilter
    public void decideInsertXContentTypeOptionsHeader(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        if (shouldHttpHeaderBeInjectedIntoResponse(httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XCONTENT_OPTIONS)) {
            super.insertXContentTypeOptionsHeader(httpServletResponse, httpServletRequest);
        } else {
            super.decideInsertXContentTypeOptionsHeader(httpServletResponse, httpServletRequest);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apereo.cas.security.ResponseHeadersEnforcementFilter
    public void decideInsertCacheControlHeader(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        if (shouldHttpHeaderBeInjectedIntoResponse(httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_CACHE_CONTROL)) {
            super.insertCacheControlHeader(httpServletResponse, httpServletRequest);
        } else {
            super.decideInsertCacheControlHeader(httpServletResponse, httpServletRequest);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apereo.cas.security.ResponseHeadersEnforcementFilter
    public void decideInsertStrictTransportSecurityHeader(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        if (shouldHttpHeaderBeInjectedIntoResponse(httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_STRICT_TRANSPORT_SECURITY)) {
            super.insertStrictTransportSecurityHeader(httpServletResponse, httpServletRequest);
        } else {
            super.decideInsertStrictTransportSecurityHeader(httpServletResponse, httpServletRequest);
        }
    }

    private String getStringProperty(HttpServletRequest httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties registeredServiceProperties) {
        Optional<RegisteredService> registeredServiceFromRequest = getRegisteredServiceFromRequest(httpServletRequest);
        if (!registeredServiceFromRequest.isPresent()) {
            return null;
        }
        Map<String, RegisteredServiceProperty> properties = registeredServiceFromRequest.get().getProperties();
        if (properties.containsKey(registeredServiceProperties.getPropertyName())) {
            return properties.get(registeredServiceProperties.getPropertyName()).getValue();
        }
        return null;
    }

    private boolean shouldHttpHeaderBeInjectedIntoResponse(HttpServletRequest httpServletRequest, RegisteredServiceProperty.RegisteredServiceProperties registeredServiceProperties) {
        return getRegisteredServiceFromRequest(httpServletRequest).filter(registeredService -> {
            return registeredServiceProperties.isAssignedTo(registeredService, BooleanUtils::toBoolean);
        }).isPresent();
    }

    private Optional<RegisteredService> getRegisteredServiceFromRequest(HttpServletRequest httpServletRequest) {
        WebApplicationService extractService = this.argumentExtractor.extractService(httpServletRequest);
        if (extractService == null) {
            return Optional.empty();
        }
        return Optional.ofNullable(this.servicesManager.findServiceBy(this.authenticationRequestServiceSelectionStrategies.resolveService(extractService)));
    }

    @Generated
    public RegisteredServiceResponseHeadersEnforcementFilter(ServicesManager servicesManager, ArgumentExtractor argumentExtractor, AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan) {
        this.servicesManager = servicesManager;
        this.argumentExtractor = argumentExtractor;
        this.authenticationRequestServiceSelectionStrategies = authenticationServiceSelectionPlan;
    }
}
