package dev.lions.unionflow.server.client;

import dev.lions.user.manager.dto.role.RoleDTO;
import jakarta.ws.rs.*;
import jakarta.ws.rs.core.MediaType;
import org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
import org.eclipse.microprofile.rest.client.inject.RegisterRestClient;

import java.util.List;

/**
 * REST Client pour l'API rôles de lions-user-manager (Keycloak).
 * Même base URL que UserServiceClient (configKey = lions-user-manager-api).
 */
@Path("/api/roles")
@RegisterRestClient(configKey = "lions-user-manager-api")
@RegisterClientHeaders(AdminServiceTokenHeadersFactory.class)
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public interface RoleServiceClient {

    @GET
    @Path("/realm")
    List<RoleDTO> getRealmRoles(@QueryParam("realm") String realmName);

    @GET
    @Path("/user/realm/{userId}")
    List<RoleDTO> getUserRealmRoles(
        @PathParam("userId") String userId,
        @QueryParam("realm") String realmName
    );

    @POST
    @Path("/assign/realm/{userId}")
    void assignRealmRoles(
        @PathParam("userId") String userId,
        @QueryParam("realm") String realmName,
        RoleNamesRequest request
    );

    @POST
    @Path("/revoke/realm/{userId}")
    void revokeRealmRoles(
        @PathParam("userId") String userId,
        @QueryParam("realm") String realmName,
        RoleNamesRequest request
    );

    /** Corps de requête pour assign/revoke (compatible lions-user-manager). */
    class RoleNamesRequest {
        public List<String> roleNames;
        public RoleNamesRequest() {}
        public RoleNamesRequest(List<String> roleNames) { this.roleNames = roleNames; }
        public List<String> getRoleNames() { return roleNames; }
        public void setRoleNames(List<String> roleNames) { this.roleNames = roleNames; }
    }
}