package io.jans.configapi.rest.resource.auth;

import io.jans.as.persistence.model.configuration.GluuConfiguration;
import io.jans.configapi.core.rest.ProtectedApi;
import io.jans.configapi.rest.model.AuthenticationMethod;
import io.jans.configapi.service.auth.ConfigurationService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.ExampleObject;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import jakarta.inject.Inject;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;

@Produces({"application/json"})
@Path("/acrs")
@Consumes({"application/json"})
/* loaded from: input_file:io/jans/configapi/rest/resource/auth/AcrsResource.class */
public class AcrsResource extends ConfigBaseResource {

    @Inject
    Logger log;

    @Inject
    ConfigurationService configurationService;

    @ProtectedApi(scopes = {"https://jans.io/oauth/config/acrs.readonly"}, groupScopes = {"https://jans.io/oauth/config/acrs.write"}, superScopes = {"https://jans.io/oauth/config/read-all"})
    @Operation(summary = "Gets default authentication method.", description = "Gets default authentication method.", operationId = "get-acrs", tags = {"Default Authentication Method"}, security = {@SecurityRequirement(name = "oauth2", scopes = {"https://jans.io/oauth/config/acrs.readonly", "https://jans.io/oauth/config/acrs.write", "https://jans.io/oauth/config/read-all"})})
    @GET
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Ok", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = AuthenticationMethod.class), examples = {@ExampleObject(name = "Response example", value = "example/acr/acr.json")})}), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "500", description = "InternalServerError")})
    public Response getDefaultAuthenticationMethod() {
        GluuConfiguration findGluuConfiguration = this.configurationService.findGluuConfiguration();
        AuthenticationMethod authenticationMethod = new AuthenticationMethod();
        authenticationMethod.setDefaultAcr(findGluuConfiguration.getAuthenticationMode());
        return Response.ok(authenticationMethod).build();
    }

    @ProtectedApi(scopes = {"https://jans.io/oauth/config/acrs.write"}, superScopes = {"https://jans.io/oauth/config/write-all"})
    @Operation(summary = "Updates default authentication method.", description = "Updates default authentication method.", operationId = "put-acrs", tags = {"Default Authentication Method"}, security = {@SecurityRequirement(name = "oauth2", scopes = {"https://jans.io/oauth/config/acrs.write", "https://jans.io/oauth/config/write-all"})})
    @PUT
    @RequestBody(description = "String representing patch-document.", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = AuthenticationMethod.class), examples = {@ExampleObject(name = "Request json example", value = "example/acr/acr.json")})})
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Ok", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = AuthenticationMethod.class))}), @ApiResponse(responseCode = "400", description = "Bad Request"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "500", description = "InternalServerError")})
    public Response updateDefaultAuthenticationMethod(@NotNull AuthenticationMethod authenticationMethod) {
        this.log.debug("ACRS details to  update - authenticationMethod:{}", authenticationMethod);
        if (authenticationMethod == null || StringUtils.isBlank(authenticationMethod.getDefaultAcr())) {
            thorwBadRequestException("Default authentication method should not be null or empty !");
        }
        if (authenticationMethod != null) {
            GluuConfiguration findGluuConfiguration = this.configurationService.findGluuConfiguration();
            findGluuConfiguration.setAuthenticationMode(authenticationMethod.getDefaultAcr());
            this.configurationService.merge(findGluuConfiguration);
        }
        return Response.ok(authenticationMethod).build();
    }
}
