package org.rostore.service;

import jakarta.enterprise.context.RequestScoped;
import jakarta.inject.Inject;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.HeaderParam;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.QueryParam;
import jakarta.ws.rs.core.Response;
import java.util.EnumSet;
import java.util.logging.Logger;
import org.eclipse.microprofile.openapi.annotations.Operation;
import org.eclipse.microprofile.openapi.annotations.enums.SecuritySchemeIn;
import org.eclipse.microprofile.openapi.annotations.enums.SecuritySchemeType;
import org.eclipse.microprofile.openapi.annotations.media.Content;
import org.eclipse.microprofile.openapi.annotations.media.Schema;
import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
import org.eclipse.microprofile.openapi.annotations.responses.APIResponses;
import org.eclipse.microprofile.openapi.annotations.security.SecurityRequirement;
import org.eclipse.microprofile.openapi.annotations.security.SecurityScheme;
import org.eclipse.microprofile.openapi.annotations.security.SecuritySchemes;
import org.eclipse.microprofile.openapi.annotations.tags.Tag;
import org.eclipse.microprofile.openapi.annotations.tags.Tags;
import org.rostore.entity.Record;
import org.rostore.entity.StringKeyList;
import org.rostore.entity.apikey.ApiKeyDefinition;
import org.rostore.entity.apikey.ApiKeyPermissions;
import org.rostore.entity.apikey.Permission;
import org.rostore.entity.media.RecordOption;
import org.rostore.service.apikey.ApiKeyManager;
import org.rostore.v2.container.DataWithRecord;

@Produces({"application/json"})
@RequestScoped
@Path("/admin")
@SecuritySchemes({@SecurityScheme(securitySchemeName = "apiKey", in = SecuritySchemeIn.HEADER, type = SecuritySchemeType.APIKEY, apiKeyName = "api-key")})
@Tags({@Tag(name = "Administration - Api-Keys", description = "Collection of operations to manage the api-keys")})
@SecurityRequirement(name = "apiKey")
/* loaded from: input_file:org/rostore/service/ApiKeyService.class */
public class ApiKeyService {
    private static final Logger logger = Logger.getLogger(ApiKeyService.class.getName());

    @Inject
    ApiKeyManager apiKeyManager;

    @APIResponses({@APIResponse(responseCode = "403", description = "No access", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "500", description = "Internal Error", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "200", description = "Api-Key created successfully.", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ApiKeyDefinition.class))})})
    @Operation(summary = "Creates a new Api-Key with a set of given permissions", description = "Operation requires a store-wide grant permission")
    @POST
    @Path("/api-key")
    @Consumes({"application/json"})
    public Response createApiKey(@HeaderParam("options") String str, @HeaderParam("ttl") Long l, @HeaderParam("eol") Long l2, ApiKeyPermissions apiKeyPermissions) {
        this.apiKeyManager.checkStorePermission(EnumSet.of(Permission.GRANT));
        DataWithRecord<ApiKeyDefinition> create = this.apiKeyManager.create(apiKeyPermissions, new Record().ttlOrUnitEol(l, l2).version(1L).addOptions(RecordOption.parse(str)));
        Response.ResponseBuilder ok = Response.ok(create.getData());
        Headers.toHeaders(ok, create.getRecord());
        return ok.build();
    }

    @APIResponses({@APIResponse(responseCode = "403", description = "No access", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "409", description = "Version conflict", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "500", description = "Internal Error", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "200", description = "Api-Key has been updated successfully.", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ApiKeyDefinition.class))})})
    @Operation(summary = "Updates an existing Api-Key with a set of given permissions", description = "Operation requires a store-wide grant permission")
    @PUT
    @Path("/api-key/{request-api-key}")
    @Consumes({"application/json"})
    public Response updateApiKey(@PathParam("request-api-key") String str, @HeaderParam("options") String str2, @HeaderParam("ttl") Long l, @HeaderParam("eol") Long l2, @HeaderParam("version") Long l3, ApiKeyPermissions apiKeyPermissions) {
        this.apiKeyManager.checkStorePermission(EnumSet.of(Permission.GRANT));
        long longValue = l3 == null ? 0L : l3.longValue();
        ApiKeyDefinition apiKeyDefinition = new ApiKeyDefinition(str, apiKeyPermissions);
        Record addOptions = new Record().ttlOrUnitEol(l, l2).version(longValue).addOptions(RecordOption.parse(str2));
        this.apiKeyManager.update(apiKeyDefinition, addOptions);
        Response.ResponseBuilder ok = Response.ok(apiKeyDefinition);
        Headers.toHeaders(ok, addOptions);
        return ok.build();
    }

    @APIResponses({@APIResponse(responseCode = "403", description = "No access", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "500", description = "Internal Error", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "200", description = "Root is repaired successfully.", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ApiKeyDefinition.class))})})
    @Operation(summary = "Repairs a broken root Api-Key entry", description = "Operation requires a store-wide root permission")
    @GET
    @Path("/api-key/repair-root")
    public Response repairRoot() {
        this.apiKeyManager.checkStorePermission(EnumSet.of(Permission.SUPER));
        DataWithRecord<ApiKeyDefinition> repairRootApiKeyEntry = this.apiKeyManager.repairRootApiKeyEntry();
        Response.ResponseBuilder ok = Response.ok(repairRootApiKeyEntry.getData());
        Headers.toHeaders(ok, repairRootApiKeyEntry.getRecord());
        return ok.build();
    }

    @APIResponses({@APIResponse(responseCode = "403", description = "No access", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "500", description = "Internal Error", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "404", description = "The API-Key not found or not access", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "200", description = "The api-key definition", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ApiKeyDefinition.class))})})
    @Operation(summary = "Returns a set of permissions associated with an Api-Key", description = "Operation requires a store-wide read permission")
    @GET
    @Path("/api-key/{request-api-key}")
    public Response getApiKey(@PathParam("request-api-key") String str, @HeaderParam("version") Long l) {
        this.apiKeyManager.checkStorePermission(EnumSet.of(Permission.READ));
        DataWithRecord<ApiKeyDefinition> dataWithRecord = this.apiKeyManager.get(str);
        if (dataWithRecord == null) {
            throw new NotFoundException("No api-key \"" + str + "\" found or expired.");
        }
        Response.ResponseBuilder ok = Response.ok(dataWithRecord.getData());
        Headers.toHeaders(ok, dataWithRecord.getRecord());
        return ok.build();
    }

    @APIResponses({@APIResponse(responseCode = "403", description = "No access", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "500", description = "Internal Error", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorRepresentation.class))}), @APIResponse(responseCode = "200", description = "The api-key list", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = StringKeyList.class))})})
    @Operation(summary = "Returns a list of Api-Keys in the store", description = "Operation requires a store-wide list permission")
    @GET
    @Path("/api-key/list")
    public Response listApiKey(@QueryParam("start-api-key") String str) {
        this.apiKeyManager.checkStorePermission(EnumSet.of(Permission.LIST));
        return Response.ok().entity(this.apiKeyManager.list(str)).build();
    }
}
