package org.eclipse.ditto.services.gateway.endpoints.directives;

import akka.http.javadsl.model.HttpHeader;
import akka.http.javadsl.model.headers.RawHeader;
import akka.http.javadsl.server.Directives;
import akka.http.javadsl.server.Route;
import com.typesafe.config.Config;
import java.time.Duration;
import java.util.Collections;
import java.util.LinkedList;
import java.util.function.Supplier;
import org.eclipse.ditto.services.gateway.starter.service.util.ConfigKeys;

/* loaded from: input_file:org/eclipse/ditto/services/gateway/endpoints/directives/SecurityResponseHeadersDirective.class */
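/**
 * Route directive that attaches a fixed set of browser-facing security headers to every response
 * produced by the wrapped route.
 *
 * <p>Headers always added: {@code X-Frame-Options: SAMEORIGIN}, {@code X-Content-Type-Options: nosniff}
 * and {@code X-XSS-Protection: 1; mode=block}. {@code Strict-Transport-Security} is added only when
 * the {@code ConfigKeys.FORCE_HTTPS} setting is {@code true}.
 *
 * <p>NOTE(review): no {@code Content-Security-Policy} header is set by this class. If the gateway
 * serves browser-rendered content, confirm it is added elsewhere.
 */
public final class SecurityResponseHeadersDirective {
    // Framing is allowed only for pages of the same origin (clickjacking mitigation).
    private static final String X_FRAME_OPTIONS = "X-Frame-Options";
    private static final String SAMEORIGIN = "SAMEORIGIN";
    // Tells browsers not to MIME-sniff the response body away from the declared Content-Type.
    private static final String X_CONTENT_TYPE_OPTIONS = "X-Content-Type-Options";
    private static final String NOSNIFF = "nosniff";
    // NOTE(review): X-XSS-Protection is a legacy header that current browsers no longer act on;
    // it is kept as-is here, but it should not be counted as an XSS control.
    private static final String X_XSS_PROTECTION = "X-XSS-Protection";
    private static final String MODE_BLOCK = "1; mode=block";
    private static final String STRICT_TRANSPORT_SECURITY = "Strict-Transport-Security";
    private static final String MAX_AGE = "max-age=";
    private static final String INCLUDE_SUB_DOMAINS = " ; includeSubDomains";

    /** Static utility holder; not instantiable. */
    private SecurityResponseHeadersDirective() {
    }

    /**
     * Wraps {@code supplier}'s route so that its responses carry the security headers.
     *
     * <p>The configuration is read from the actor system's settings each time the directive is
     * evaluated.
     *
     * @param supplier supplies the inner route to decorate
     * @return a route that responds with the security headers plus whatever the inner route produces
     */
    public static Route addSecurityResponseHeaders(Supplier<Route> supplier) {
        return Directives.extractActorSystem(actorSystem ->
                Directives.respondWithHeaders(
                        createSecurityResponseHeaders(actorSystem.settings().config()), supplier));
    }

    /**
     * Builds the security headers for the given configuration.
     *
     * <p>Decompiler note: this method was package-private in the original class; the decompiler
     * widened it to {@code public}.
     *
     * @param config configuration holding the boolean {@code ConfigKeys.FORCE_HTTPS} setting
     * @return an unmodifiable collection of headers
     */
    public static Iterable<HttpHeader> createSecurityResponseHeaders(Config config) {
        return createSecurityResponseHeaders(config.getBoolean(ConfigKeys.FORCE_HTTPS));
    }

    /**
     * Builds the header list.
     *
     * @param forceHttps when {@code true}, a {@code Strict-Transport-Security} header with a
     *     max-age of 365 days (in seconds) and {@code includeSubDomains} is appended
     * @return an unmodifiable list of headers, in insertion order
     */
    private static Iterable<HttpHeader> createSecurityResponseHeaders(boolean forceHttps) {
        // Typed list instead of the raw LinkedList, so the compiler checks what goes into it.
        final LinkedList<HttpHeader> headers = new LinkedList<>();
        headers.add(RawHeader.create(X_FRAME_OPTIONS, SAMEORIGIN));
        headers.add(RawHeader.create(X_CONTENT_TYPE_OPTIONS, NOSNIFF));
        headers.add(RawHeader.create(X_XSS_PROTECTION, MODE_BLOCK));
        if (forceHttps) {
            // HSTS depends only on the config flag, not on how the current request arrived.
            // Browsers act on it only when it is received over TLS, so it protects clients only
            // if the gateway (or a proxy in front of it) actually terminates HTTPS.
            // includeSubDomains extends the policy to every subdomain of the serving host.
            final long maxAgeSeconds = Duration.ofDays(365L).getSeconds();
            headers.add(RawHeader.create(STRICT_TRANSPORT_SECURITY,
                    MAX_AGE + maxAgeSeconds + INCLUDE_SUB_DOMAINS));
        }
        return Collections.unmodifiableList(headers);
    }
}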
