package io.nessus.actions.jaxrs;

import io.nessus.actions.core.jaxrs.AbstractUserResource;
import io.nessus.actions.core.types.KeycloakUserInfo;
import io.nessus.actions.core.utils.ApiUtils;
import io.nessus.actions.jaxrs.service.UserStateService;
import io.nessus.actions.jaxrs.type.UserState;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.security.SecurityScheme;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.Response;

@SecurityScheme(type = SecuritySchemeType.OPENIDCONNECT, scheme = "Bearer")
@Path("/user")
/* loaded from: input_file:io/nessus/actions/jaxrs/UserResource.class */
public class UserResource extends AbstractUserResource {
    @GET
    @Path("/{userId}/state")
    @Operation(summary = "Fetch the current state for the given user id")
    @ApiResponses({@ApiResponse(responseCode = "200", description = "[OK] Found the requested user state.", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = UserState.class))}), @ApiResponse(responseCode = "401", description = "[Unauthorized] If the provided access token was not valid.")})
    public Response getUserState(@PathParam("userId") String str) {
        KeycloakUserInfo keycloakUserInfo = getKeycloakUserInfo(str);
        return keycloakUserInfo == null ? Response.status(Response.Status.UNAUTHORIZED).build() : Response.ok(getService(UserStateService.class).getOrCreateUserState(keycloakUserInfo), "application/json").build();
    }

    @Path("/{userId}")
    @DELETE
    @Operation(summary = "Delete the user with the given id")
    @ApiResponses({@ApiResponse(responseCode = "204", description = "[No Content] Sucessfully delete the user in Keycloak."), @ApiResponse(responseCode = "401", description = "[Unauthorized] If the provided access token was not valid.")})
    public Response deleteUser(@PathParam("userId") String str) {
        if (getKeycloakUserInfo(str) == null) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        String keycloakRealmId = this.config.getKeycloakRealmId();
        String masterAccessToken = getKeycloakService().getMasterAccessToken();
        Response withClient = withClient(ApiUtils.keycloakUri(this.config, "/admin/realms/" + keycloakRealmId + "/users/" + str), webTarget -> {
            return webTarget.request().header("Authorization", "Bearer " + masterAccessToken).delete();
        });
        ApiUtils.hasStatus(withClient, new Response.Status[]{Response.Status.NO_CONTENT});
        return withClient;
    }
}
