package org.gcube.service.idm.rest;

import com.liferay.portal.kernel.util.StringPool;
import com.webcohesion.enunciate.metadata.rs.RequestHeader;
import com.webcohesion.enunciate.metadata.rs.RequestHeaders;
import com.webcohesion.enunciate.metadata.rs.ResponseCode;
import com.webcohesion.enunciate.metadata.rs.StatusCodes;
import jakarta.ws.rs.ForbiddenException;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.Response;
import org.gcube.common.security.Owner;
import org.gcube.common.security.providers.SecretManagerProvider;
import org.gcube.common.security.secrets.Secret;
import org.gcube.service.idm.IdMManager;
import org.gcube.service.idm.controller.LiferayProfileClient;
import org.gcube.service.utils.ErrorMessages;
import org.gcube.service.utils.beans.ResponseBeanMap;
import org.gcube.smartgears.annotations.ManagedBy;
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
import org.keycloak.OAuth2Constants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@RequestHeaders({@RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"), @RequestHeader(name = "Content-Type", description = "application/json")})
@Path("2/people")
@ManagedBy(IdMManager.class)
/* loaded from: input_file:WEB-INF/classes/org/gcube/service/idm/rest/SocialPeopleAPI.class */
public class SocialPeopleAPI {
    private static final Logger logger = LoggerFactory.getLogger(SocialPeopleAPI.class);

    @StatusCodes({@ResponseCode(code = 200, condition = "Successful retrieval of user's profile, reported in the 'result' field of the returned object"), @ResponseCode(code = 500, condition = ErrorMessages.ERROR_IN_API_RESULT)})
    @Produces({"application/json"})
    @GET
    @Path("profile")
    public Response getProfile() {
        ResponseBeanMap responseBeanMap = new ResponseBeanMap();
        Response.Status status = Response.Status.OK;
        Secret secret = SecretManagerProvider.get();
        Owner owner = secret.getOwner();
        String id = owner.getId();
        String context = secret.getContext();
        if (owner.isApplication()) {
            logger.warn("Trying to access users method via a token different than USER is not allowed");
            throw new ForbiddenException(ErrorMessages.NOT_USER_TOKEN_CONTEXT_USED);
        }
        try {
            GCubeUser userProfileByUsername = LiferayProfileClient.getUserProfileByUsername(id);
            responseBeanMap.putResult(OAuth2Constants.USERNAME, id);
            responseBeanMap.putResult("avatar", userProfileByUsername.getUserAvatarURL());
            responseBeanMap.putResult("fullname", String.valueOf(owner.getFirstName()) + StringPool.SPACE + owner.getLastName());
            responseBeanMap.putResult("context", context);
            responseBeanMap.putResult("roles", owner.getRoles());
            responseBeanMap.setSuccess(true);
        } catch (Exception e) {
            logger.error("Unable to retrieve user's profile", e);
            responseBeanMap.setMessage(e.getMessage());
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return Response.status(status).entity(responseBeanMap).build();
    }
}
