namespace _zeitbild.api
{
	
	/**
	 */
	export function register_session_oidc(
		rest_subject : lib_plankton.rest_caldav.type_rest
	) : void
	{
		register<
			null,
			string
		>(
			rest_subject,
			lib_plankton.http.enum_method.get,
			"/session/oidc",
			{
				"description": "verarbeitet einen OIDC login callback",
				"query_parameters": () => ([
					{
						"name": "code",
						"required": true,
						"description": null,
					},
					{
						"name": "iss",
						"required": true,
						"description": null,
					},
					{
						"name": "scope",
						"required": true,
						"description": null,
					},
					{
						"name": "state",
						"required": true,
						"description": null,
					},
				]),
				"input_schema": () => ({
					"type": "null",
				}),
				"output_schema": () => ({
					"nullable": false,
					"type": "string",
				}),
				"response_body_mimetype": "text/html",
				"response_body_encode": (output => Buffer.from(output)),
				"restriction": restriction_none,
				"execution": async (stuff) => {
					const data : {
						token : string;
						userinfo : {
							name : (null | string);
							email : (null | string);
						};
						redirect_uri_template : string;
					} = await _zeitbild.auth.oidc_handle_authorization_callback(
						(stuff.headers["Cookie"] ?? stuff.headers["cookie"] ?? null),
						stuff.query_parameters
					);
					if (data.userinfo.name === null) {
						return Promise.reject(
							new Error(
								"IDP did not return user name"
							)
						);
					}
					else {
						try {
							await _zeitbild.service.user.add(
								{
									"name": data.userinfo.name,
									"email_address": data.userinfo.email,
								}
							);
							lib_plankton.log.info(
								"user_provisioned",
								{
									"name": data.userinfo.name,
								}
							);
						}
						catch (error) {
							// do nothing
						}
						const session_key : string = await lib_plankton.session.begin(
							data.userinfo.name,
							{
								"data": {
									"oidc_token": data.token,
								}
							}
						);
						return Promise.resolve(
							{
								"status_code": 200,
								"data": lib_plankton.string.coin(
									"<html><head><meta http-equiv=\"refresh\" content=\"0; url={{url}}\" /></head><body></body></html>",
									{
										"url": lib_plankton.string.coin(
											data.redirect_uri_template,
											{
												"session_key": session_key,
											}
										),
									}
								),
							}
						);
					}
				},
			}
		);
	}
	
}