<?php

namespace PSX\Http\Filter;

use PSX\Http\FilterChainInterface;
use PSX\Http\FilterInterface;
use PSX\Http\RequestInterface;
use PSX\Http\ResponseInterface;

/**
 * CORS
 *
 * @author  Christoph Kappestein <christoph.kappestein@gmail.com>
 * @license http://www.apache.org/licenses/LICENSE-2.0
 * @link    http://phpsx.org
 */
class CORS implements FilterInterface
{
    /** @var string|\Closure */
    protected $allowOrigin;

    /** @var array */
    protected $allowMethods;

    /** @var array */
    protected $allowHeaders;

    /** @var boolean */
    protected $allowCredentials;

    /**
     * @param string|\Closure $allowOrigin
     * @param array|null $allowMethods
     * @param array|null $allowHeaders
     * @param boolean|null $allowCredentials
     */
    public function __construct(
        $allowOrigin,
        array $allowMethods = null,
        array $allowHeaders = null,
        $allowCredentials = null,
    ) {
        $this->allowOrigin      = $allowOrigin;
        $this->allowMethods     = $allowMethods;
        $this->allowHeaders     = $allowHeaders;
        $this->allowCredentials = $allowCredentials;
    }

    public function handle(RequestInterface $request, ResponseInterface $response, FilterChainInterface $filterChain)
    {
        $allow  = false;
        $origin = $request->getHeader('Origin');
        if (!empty($origin)) {
            if (is_string($this->allowOrigin)) {
                $response->setHeader('Access-Control-Allow-Origin', $this->allowOrigin);
                $allow = true;
            } elseif ($this->allowOrigin instanceof \Closure) {
                $func = $this->allowOrigin;
                if ($func($origin)) {
                    $response->setHeader('Access-Control-Allow-Origin', $origin);
                    $response->addHeader('Vary', 'Origin');
                    $allow = true;
                }
            }

            if ($allow && $this->allowCredentials) {
                $response->setHeader('Access-Control-Allow-Credentials', 'true');
            }
        }

        if ($allow && $request->getMethod() == 'OPTIONS') {
            $method = $request->getHeader('Access-Control-Request-Method');
            if (!empty($method)) {
                $response->setHeader('Access-Control-Allow-Methods', implode(', ', $this->allowMethods));
            }

            $headers = $request->getHeader('Access-Control-Request-Headers');
            if (!empty($headers)) {
                $response->setHeader('Access-Control-Allow-Headers', implode(', ', $this->allowHeaders));
            }

            $response->setHeader('Access-Control-Expose-Headers', '*');
        }

        $filterChain->handle($request, $response);
    }

    public static function allowOrigin($allowOrigin)
    {
        return new self($allowOrigin);
    }
}
__halt_compiler();----SIGNATURE:----GBjs3zlZQdlItzcIvn8KHwIsxN5yhj5z2OdxQbrVwF9N2YFnt6lBsVZbRfNuj9yjlZDm2SSPEAdOixeF1qVb9eW1dS5XYzByzN4QZ0xtnjy6hDvEsyuHT1CfcMQfSKaPQHJmp1WAFtRsDyP2mwjBuCIL42trK5PDPnYRMm/8429plKo/3SQ62tpXhi7GYK3NRKJFF0Tw4UkL0ach96v2ziu4A6JXUWA3nlBxjZ1YCvt6wEkFurs3UJxrGbrFyB1+s5YcNa+EuImRwDthqvM/nD/fybMUqFZUU9haOI08+1Srrjrqpyn4NUsMDn4s6O6shwMxbgk4YA5JE5JfFc2B2Dvzezmys1B18Z4AbCSEGN/XUYL/x/xyJTbL2SScsi1SHPJtP2fpRz4XSYb88EmdFDtYfB45l4ytZrArLSdQ4xAbKUofwvoyiH9wUObCe+SOuFQyjjAcGOKa2xLQjI2e2RJEQArBWxV4QNGOn7puLvG+VQWQtxjV0jPTTYamuBb4klcrz8c93QsYnFM1LfK2Y8COfpZ4KkeGjL5AIIh6+Wfy9WDlFjFI5ZUkvr+SsLb96dXBN3OHQQd0tYoCtbP8HxWpyus8iHOnbY49eNtpmVL/xwbO/RSfp1LiIqh6EgBdR2p9lzm+EPWNGjT57HqvIb6MJ6HLBNIE0wllyMTCC+c=----ATTACHMENT:----ODgxODgzMTY0MzE2OTE1NSAzNDU4ODQwMzY1NzEwMTQ4IDk4NjU4Mjk3ODEwNjkxNzc=