/*
  http-auth - Authentication Extensions to jdk.httpserver
  Copyright (C) 2021  Ulrich Hilger

  This program is free software: you can redistribute it and/or modify
  it under the terms of the GNU Affero General Public License as
  published by the Free Software Foundation, either version 3 of the
  License, or (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU Affero General Public License for more details.

  You should have received a copy of the GNU Affero General Public License
  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
package de.uhilger.httpserver.auth.handler;

import com.sun.net.httpserver.HttpContext;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import de.uhilger.httpserver.auth.TokenAuthenticator;
import de.uhilger.httpserver.base.handler.HttpResponder;
import java.io.IOException;

/**
 *
 * @author Ulrich Hilger
 * @version 1, 02.06.2021
 */
public class LogoutHandler implements HttpHandler {

  @Override
  public void handle(HttpExchange exchange) throws IOException {
    HttpContext context = exchange.getHttpContext();
    Object o = context.getAttributes().get(LoginHandler.ATTR_AUTHENTICATOR);
    if (o instanceof TokenAuthenticator) {
      TokenAuthenticator auth = (TokenAuthenticator) o;
      String jwt = auth.cookieLesen(exchange, TokenAuthenticator.JWT_INDICATOR);
      if (jwt != null) {
        auth.abmelden(jwt);
        HttpResponder r = new HttpResponder();
        r.antwortSenden(exchange, HttpResponder.SC_OK, "Abgemeldet.");
      } else {
        // kein JSON Web Token
      }
    } else {
      // kein passender Authenticator
    }
  }
  
}