package keywhiz.service.resources;

import com.google.inject.Inject;
import java.net.URI;
import java.util.Optional;
import javax.annotation.Nullable;
import javax.ws.rs.CookieParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.Response;
import keywhiz.auth.User;
import keywhiz.auth.cookie.AuthenticatedEncryptedCookieFactory;
import keywhiz.auth.cookie.CookieAuthenticator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/admin/logout")
/* loaded from: input_file:keywhiz/service/resources/SessionLogoutResource.class */
public class SessionLogoutResource {
    private final Logger logger = LoggerFactory.getLogger(SessionLogoutResource.class);
    private final CookieAuthenticator cookieAuthenticator;
    private final AuthenticatedEncryptedCookieFactory cookieFactory;

    @Inject
    public SessionLogoutResource(CookieAuthenticator cookieAuthenticator, AuthenticatedEncryptedCookieFactory authenticatedEncryptedCookieFactory) {
        this.cookieAuthenticator = cookieAuthenticator;
        this.cookieFactory = authenticatedEncryptedCookieFactory;
    }

    @POST
    @Produces({"application/json"})
    public Response logout(@CookieParam("session") @Nullable Cookie cookie) {
        if (cookie != null) {
            Optional<User> authenticate = this.cookieAuthenticator.authenticate(cookie);
            if (authenticate.isPresent()) {
                this.logger.info("User logged out: {}", authenticate.get().getName());
            } else {
                this.logger.warn("Invalid user cookie on logout.");
            }
        }
        return Response.seeOther(URI.create("/ui/index.html")).cacheControl(CacheControl.valueOf("no-cache")).header("Set-Cookie", this.cookieFactory.getExpiredSessionCookie().toString()).build();
    }
}
