package io.trino.server.ui;

import com.google.inject.Inject;
import io.trino.server.ExternalUriInfo;
import io.trino.server.ServletSecurityUtils;
import io.trino.server.security.ResourceSecurity;
import io.trino.server.security.oauth2.OAuth2Client;
import jakarta.ws.rs.BeanParam;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.HttpHeaders;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.SecurityContext;
import java.net.URI;
import java.util.Objects;
import java.util.Optional;

@ResourceSecurity(ResourceSecurity.AccessType.WEB_UI)
@Path("")
/* loaded from: input_file:io/trino/server/ui/OAuth2WebUiPreviewResource.class */
public class OAuth2WebUiPreviewResource {
    private final OAuth2Client oAuth2Client;

    @Inject
    public OAuth2WebUiPreviewResource(OAuth2Client oAuth2Client) {
        this.oAuth2Client = (OAuth2Client) Objects.requireNonNull(oAuth2Client, "oAuth2Client is null");
    }

    @Produces({"application/json"})
    @GET
    @Path("/ui/preview/auth/info")
    public AuthInfo getAuthInfo(ContainerRequestContext containerRequestContext) {
        Optional<U> map = ServletSecurityUtils.authenticatedIdentity(containerRequestContext).map((v0) -> {
            return v0.getUser();
        });
        return new AuthInfo("oauth2", false, map.isPresent(), map);
    }

    @Produces({"application/json"})
    @GET
    @Path("/ui/preview/auth/logout")
    public Response logout(@Context HttpHeaders httpHeaders, @BeanParam ExternalUriInfo externalUriInfo, @Context SecurityContext securityContext) {
        Optional<String> read = OAuthIdTokenCookie.read(httpHeaders.getCookies());
        URI absolutePath = externalUriInfo.absolutePath("/ui/logout/logout.html");
        return Response.seeOther(this.oAuth2Client.getLogoutEndpoint(read, absolutePath).orElse(absolutePath)).cookie(OAuthIdTokenCookie.delete(httpHeaders.getCookies())).cookie(FormWebUiAuthenticationFilter.getDeleteCookies(httpHeaders.getCookies(), securityContext.isSecure())).cookie(OAuthWebUiCookie.delete(httpHeaders.getCookies())).build();
    }
}
