package org.eclipse.edc.identityhub.api.participantcontext.v1;

import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.DefaultValue;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.QueryParam;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.SecurityContext;
import java.util.Collection;
import java.util.List;
import org.eclipse.edc.identityhub.api.v1.validation.ParticipantManifestValidator;
import org.eclipse.edc.identityhub.spi.AuthorizationResultHandler;
import org.eclipse.edc.identityhub.spi.AuthorizationService;
import org.eclipse.edc.identityhub.spi.ParticipantContextService;
import org.eclipse.edc.identityhub.spi.model.participant.ParticipantContext;
import org.eclipse.edc.identityhub.spi.model.participant.ParticipantManifest;
import org.eclipse.edc.spi.query.QuerySpec;
import org.eclipse.edc.web.spi.exception.ValidationFailureException;

@Produces({"application/json"})
@Path("/v1/participants")
@Consumes({"application/json"})
/* loaded from: input_file:org/eclipse/edc/identityhub/api/participantcontext/v1/ParticipantContextApiController.class */
public class ParticipantContextApiController implements ParticipantContextApi {
    private final ParticipantManifestValidator participantManifestValidator;
    private final ParticipantContextService participantContextService;
    private final AuthorizationService authorizationService;

    public ParticipantContextApiController(ParticipantManifestValidator participantManifestValidator, ParticipantContextService participantContextService, AuthorizationService authorizationService) {
        this.participantManifestValidator = participantManifestValidator;
        this.participantContextService = participantContextService;
        this.authorizationService = authorizationService;
    }

    @Override // org.eclipse.edc.identityhub.api.participantcontext.v1.ParticipantContextApi
    @POST
    @RolesAllowed({"admin"})
    public String createParticipant(ParticipantManifest participantManifest) {
        this.participantManifestValidator.validate(participantManifest).orElseThrow(ValidationFailureException::new);
        return (String) this.participantContextService.createParticipantContext(participantManifest).orElseThrow(AuthorizationResultHandler.exceptionMapper(ParticipantManifest.class, participantManifest.getParticipantId()));
    }

    @Override // org.eclipse.edc.identityhub.api.participantcontext.v1.ParticipantContextApi
    @GET
    @Path("/{participantId}")
    public ParticipantContext getParticipant(@PathParam("participantId") String str, @Context SecurityContext securityContext) {
        return (ParticipantContext) this.authorizationService.isAuthorized(securityContext, str, ParticipantContext.class).compose(r5 -> {
            return this.participantContextService.getParticipantContext(str);
        }).orElseThrow(AuthorizationResultHandler.exceptionMapper(ParticipantContext.class, str));
    }

    @Override // org.eclipse.edc.identityhub.api.participantcontext.v1.ParticipantContextApi
    @POST
    @Path("/{participantId}/token")
    public String regenerateToken(@PathParam("participantId") String str, @Context SecurityContext securityContext) {
        return (String) this.authorizationService.isAuthorized(securityContext, str, ParticipantContext.class).compose(r5 -> {
            return this.participantContextService.regenerateApiToken(str);
        }).orElseThrow(AuthorizationResultHandler.exceptionMapper(ParticipantContext.class, str));
    }

    @Override // org.eclipse.edc.identityhub.api.participantcontext.v1.ParticipantContextApi
    @POST
    @RolesAllowed({"admin"})
    @Path("/{participantId}/state")
    public void activateParticipant(@PathParam("participantId") String str, @QueryParam("isActive") boolean z) {
        if (z) {
            this.participantContextService.updateParticipant(str, (v0) -> {
                v0.activate();
            });
        } else {
            this.participantContextService.updateParticipant(str, (v0) -> {
                v0.deactivate();
            });
        }
    }

    @Override // org.eclipse.edc.identityhub.api.participantcontext.v1.ParticipantContextApi
    @RolesAllowed({"admin"})
    @DELETE
    @Path("/{participantId}")
    public void deleteParticipant(@PathParam("participantId") String str, @Context SecurityContext securityContext) {
        this.participantContextService.deleteParticipantContext(str).orElseThrow(AuthorizationResultHandler.exceptionMapper(ParticipantContext.class, str));
    }

    @Override // org.eclipse.edc.identityhub.api.participantcontext.v1.ParticipantContextApi
    @PUT
    @RolesAllowed({"admin"})
    @Path("/{participantId}/roles")
    public void updateRoles(@PathParam("participantId") String str, List<String> list) {
        this.participantContextService.updateParticipant(str, participantContext -> {
            participantContext.setRoles(list);
        }).orElseThrow(AuthorizationResultHandler.exceptionMapper(ParticipantContext.class, str));
    }

    @Override // org.eclipse.edc.identityhub.api.participantcontext.v1.ParticipantContextApi
    @RolesAllowed({"admin"})
    @GET
    public Collection<ParticipantContext> getAll(@QueryParam("offset") @DefaultValue("0") Integer num, @QueryParam("limit") @DefaultValue("50") Integer num2) {
        return (Collection) this.participantContextService.query(QuerySpec.Builder.newInstance().offset(num).limit(num2).build()).orElseThrow(AuthorizationResultHandler.exceptionMapper(ParticipantContext.class));
    }
}
