package io.jans.configapi.rest.resource.auth;

import io.jans.as.common.model.session.SessionId;
import io.jans.configapi.core.rest.ProtectedApi;
import io.jans.configapi.service.auth.SessionService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.ArraySchema;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import jakarta.inject.Inject;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.Response;
import java.util.List;
import org.slf4j.Logger;

@Produces({"application/json"})
@Path("/jans-auth-server/session")
@Consumes({"application/json"})
/* loaded from: input_file:io/jans/configapi/rest/resource/auth/SessionResource.class */
public class SessionResource extends ConfigBaseResource {

    @Inject
    Logger log;

    @Inject
    SessionService sessionService;

    @ProtectedApi(scopes = {"https://jans.io/oauth/jans-auth-server/session.readonly"})
    @Operation(summary = "Returns current session", description = "Returns current session", operationId = "get-sessions", tags = {"Auth - Session Management"}, security = {@SecurityRequirement(name = "oauth2", scopes = {"https://jans.io/oauth/jans-auth-server/session.readonly", "revoke_session"})})
    @GET
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Ok", content = {@Content(mediaType = "application/json", array = @ArraySchema(schema = @Schema(implementation = SessionId.class)))}), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "500", description = "InternalServerError")})
    public Response getAllSessions() {
        List<SessionId> sessions = this.sessionService.getSessions();
        this.logger.debug("sessions:{}", sessions);
        return Response.ok(sessions).build();
    }

    @ProtectedApi(scopes = {"https://jans.io/oauth/jans-auth-server/session.delete", "revoke_session"})
    @Operation(summary = "Revoke all sessions by userDn", description = "Revoke all sessions by userDn", operationId = "revoke-user-session", tags = {"Auth - Session Management"}, security = {@SecurityRequirement(name = "oauth2", scopes = {"https://jans.io/oauth/jans-auth-server/session.delete", "revoke_session"})})
    @POST
    @Path("/{userDn}")
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Ok"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "Not Found"), @ApiResponse(responseCode = "500", description = "InternalServerError")})
    public Response getAppConfiguration(@NotNull @PathParam("userDn") String str) {
        this.logger.debug("userDn:{}", str);
        this.sessionService.revokeSession(str);
        return Response.ok().build();
    }
}
