/*
This file is part of »zeitbild«.

Copyright 2025 'kcf' <fenris@folksprak.org>

»zeitbild« is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

»zeitbild« is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License
along with »zeitbild«. If not, see <http://www.gnu.org/licenses/>.
 */


namespace _zeitbild.api
{
	
	/**
	 */
	export function register_session_oidc(
		rest_subject : lib_plankton.rest_http.type_rest
	) : void
	{
		register<
			null,
			string
		>(
			rest_subject,
			lib_plankton.http.enum_method.get,
			"/session/oidc",
			{
				"description": "verarbeitet einen OIDC login callback",
				"query_parameters": () => ([
					{
						"name": "code",
						"required": true,
						"description": null,
					},
					{
						"name": "iss",
						"required": true,
						"description": null,
					},
					{
						"name": "scope",
						"required": true,
						"description": null,
					},
					{
						"name": "state",
						"required": true,
						"description": null,
					},
				]),
				"input_schema": () => ({
					"type": "null",
				}),
				"output_schema": () => ({
					"nullable": false,
					"type": "string",
				}),
				"response_body_mimetype": "text/html",
				"response_body_encode": (output => Buffer.from(output)),
				"restriction": restriction_none,
				"execution": async (stuff) => {
					const data : {
						token : string;
						userinfo : lib_plankton.auth.oidc.type_userinfo;
						redirect_uri_template : string;
					} = await _zeitbild.auth.oidc_handle_authorization_callback(
						(stuff.headers["Cookie"] ?? stuff.headers["cookie"] ?? null),
						stuff.query_parameters
					);
					
					const user = await _zeitbild.auth.oidc_adapt_user(data.userinfo);
					
					const session_key : string = await lib_plankton.session.begin(
						user.object.name,
						{
							"data": {
								"oidc_token": data.token,
							}
						}
					);
					return Promise.resolve(
						{
							"status_code": 200,
							"data": lib_plankton.string.coin(
								"<html><head><meta http-equiv=\"refresh\" content=\"0; url={{url}}\" /></head><body></body></html>",
								{
									"url": lib_plankton.string.coin(
										data.redirect_uri_template,
										{
											"session_key": session_key,
										}
									),
								}
							),
						}
					);
				},
			}
		);
	}
	
}