package no.nav.apiapp;

import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import no.nav.sbl.util.EnvironmentUtils;
import no.nav.sbl.util.StringUtils;

/* loaded from: input_file:no/nav/apiapp/ComplianceEnforcementFilter.class */
public class ComplianceEnforcementFilter implements Filter {
    private static final Set<String> WHITELIST = new HashSet(Arrays.asList("mozilla", "curl"));
    private static final Set<Function<HttpServletRequest, Stream<String>>> RULES = new HashSet(Arrays.asList(httpServletRequest -> {
        return StringUtils.notNullOrEmpty(httpServletRequest.getHeader("Nav-Consumer-Id")) ? Stream.empty() : Stream.of("provide consumer id (typically application name) in the header: Nav-Consumer-Id");
    }, httpServletRequest2 -> {
        return StringUtils.notNullOrEmpty(httpServletRequest2.getHeader("Nav-Call-Id")) ? Stream.empty() : Stream.of("provide call id (a correlation id) in the header: Nav-Call-Id");
    }));
    private final boolean complianceEnforcementIsActive;

    public ComplianceEnforcementFilter() {
        this.complianceEnforcementIsActive = EnvironmentUtils.isEnvironmentClass(EnvironmentUtils.EnviromentClass.Q) || EnvironmentUtils.isEnvironmentClass(EnvironmentUtils.EnviromentClass.T);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (enforceCompliance(servletRequest)) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            List list = (List) RULES.stream().flatMap(function -> {
                return (Stream) function.apply(httpServletRequest);
            }).collect(Collectors.toList());
            if (!list.isEmpty()) {
                httpServletResponse.setStatus(400);
                httpServletResponse.setContentType("text/plain");
                httpServletResponse.getWriter().write(String.format("This looks like a request from an application that does not conform to the following compliance rules at NAV:%sPlease update your application to follow these rules.\n\nYou will not receive this error in production.", list.stream().map(str -> {
                    return " - " + str;
                }).collect(Collectors.joining("\n", "\n\n", "\n\n"))));
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private boolean enforceCompliance(ServletRequest servletRequest) {
        return this.complianceEnforcementIsActive && isApplicationRequest(servletRequest) && !isInternalRequest(servletRequest);
    }

    private boolean isApplicationRequest(ServletRequest servletRequest) {
        String header = ((HttpServletRequest) servletRequest).getHeader("User-Agent");
        return header == null || WHITELIST.stream().noneMatch(str -> {
            return header.toLowerCase().contains(str);
        });
    }

    private boolean isInternalRequest(ServletRequest servletRequest) {
        return ((HttpServletRequest) servletRequest).getRequestURI().contains("/internal");
    }

    public void init(FilterConfig filterConfig) {
    }

    public void destroy() {
    }
}
