namespace _zeitbild.api
{
	
	/**
	 */
	export function register_session_oidc(
		rest_subject : lib_plankton.rest.type_rest
	) : void
	{
		register<
			null,
			string
		>(
			rest_subject,
			lib_plankton.http.enum_method.get,
			"/session/oidc",
			{
				"description": "verarbeitet einen OIDC login callback",
				"query_parameters": () => ([
					{
						"name": "code",
						"required": true,
						"description": null,
					},
					{
						"name": "iss",
						"required": true,
						"description": null,
					},
					{
						"name": "scope",
						"required": true,
						"description": null,
					},
					{
						"name": "state",
						"required": true,
						"description": null,
					},
				]),
				"input_schema": () => ({
					"type": "null",
				}),
				"output_schema": () => ({
					"nullable": false,
					"type": "string",
				}),
				"response_body_mimetype": "text/html",
				"response_body_encode": (output => Buffer.from(output)),
				"restriction": restriction_none,
				"execution": async (stuff) => {
					_zeitbild.auth.control(
						{
							"kind": "authorization_callback",
							"data": {
								"stuff": stuff.query_parameters,
								"cookie": (stuff.headers["Cookie"] ?? stuff.headers["cookie"]),
							}
						}
					);
					return (
						_zeitbild.auth.execute(
							undefined
						)
						.then(
							(name) => lib_plankton.session.begin(name)
						)
						.then(
							(session_key) => Promise.resolve({
								"status_code": 200,
								"data": lib_plankton.string.coin(
									"<html><head><meta http-equiv=\"refresh\" content=\"0; url={{url}}\" /></head><body></body></html>",
									{
										// TODO: get url from frontend
										"url": lib_plankton.string.coin(
											"http://localhost:8888/#oidc_finish,session_key={{session_key}}",
											{
												"session_key": session_key,
											}
										),
									}
								),
							})
						)
					);
				},
			}
		);
	}
	
}