package io.jans.configapi.rest.resource.auth;

import io.jans.as.common.model.registration.Client;
import io.jans.as.model.util.Util;
import io.jans.as.persistence.model.Scope;
import io.jans.configapi.core.rest.ProtectedApi;
import io.jans.configapi.service.auth.ClientAuthService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.ExampleObject;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.Response;
import java.util.Map;
import java.util.Set;

@ApplicationScoped
@Produces({"application/json"})
@Path("/clients/authorizations")
@Consumes({"application/json"})
/* loaded from: input_file:io/jans/configapi/rest/resource/auth/ClientAuthResource.class */
public class ClientAuthResource extends ConfigBaseResource {

    @Inject
    ClientAuthService clientAuthService;

    @ProtectedApi(scopes = {"https://jans.io/oauth/client/authorizations.readonly"}, groupScopes = {"https://jans.io/oauth/config/openid-read"}, superScopes = {"https://jans.io/oauth/config/read-all"})
    @Operation(summary = "Gets list of client authorization", description = "Gets list of client authorizations", operationId = "get-client-authorization", tags = {"Client Authorization"}, security = {@SecurityRequirement(name = "oauth2", scopes = {"https://jans.io/oauth/client/authorizations.readonly"})})
    @GET
    @Path("{userId}")
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Ok", content = {@Content(schema = @Schema(implementation = Map.class), examples = {@ExampleObject(name = "Response json example", value = "example/client-auth/client-auth-get.json")})}), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "500", description = "InternalServerError")})
    public Response getClientAuthorization(@Parameter(description = "User identifier") @NotNull @PathParam("userId") String str) {
        if (this.logger.isInfoEnabled()) {
            this.logger.info("Client Authorization serach param - userId:{}", Util.escapeLog(str));
        }
        Map<Client, Set<Scope>> userAuthorizations = this.clientAuthService.getUserAuthorizations(str);
        this.logger.info("Client serach param - clientAuths:{}", userAuthorizations);
        return Response.ok(userAuthorizations).build();
    }

    @ProtectedApi(scopes = {"https://jans.io/oauth/client/authorizations.delete"}, groupScopes = {}, superScopes = {"https://jans.io/oauth/config/delete-all"})
    @Operation(summary = "Revoke client authorization", description = "Revoke client authorizations", operationId = "delete-client-authorization", tags = {"Client Authorization"}, security = {@SecurityRequirement(name = "oauth2", scopes = {"https://jans.io/oauth/client/authorizations.delete"})})
    @DELETE
    @Path("{userId}/{clientId}/{username}")
    @ApiResponses({@ApiResponse(responseCode = "204", description = "No Content"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "Not Found"), @ApiResponse(responseCode = "500", description = "InternalServerError")})
    public Response deleteClientAuthorization(@Parameter(description = "User identifier") @NotNull @PathParam("userId") String str, @Parameter(description = "Client identifier") @NotNull @PathParam("clientId") String str2, @Parameter(description = "User name") @NotNull @PathParam("username") String str3) {
        if (this.logger.isInfoEnabled()) {
            this.logger.info("ClientAuthorization to be deleted for - userId:{}, clientId:{}, userName:{}", new Object[]{Util.escapeLog(str), Util.escapeLog(str2), Util.escapeLog(str3)});
        }
        this.clientAuthService.removeClientAuthorizations(str, str2, str3);
        this.logger.info("ClientAuthorizations removed!!!");
        return Response.noContent().build();
    }
}
