package hydra

import (
	"net/http"

	"forge.cadoles.com/wpetit/hydra-webauthn/internal/hydra"
	"github.com/pkg/errors"
	"gitlab.com/wpetit/goweb/middleware/container"
	"gitlab.com/wpetit/goweb/service/session"
)

func serveLogoutPage(w http.ResponseWriter, r *http.Request) {
	ctn := container.Must(r.Context())
	hydr := hydra.Must(ctn)

	challenge, err := hydr.LogoutChallenge(r)
	if err != nil {
		if errors.Is(err, hydra.ErrChallengeNotFound) {
			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)

			return
		}

		panic(errors.Wrap(err, "could not retrieve logout challenge"))
	}

	_, err = hydr.LogoutRequest(challenge)
	if err != nil {
		panic(errors.Wrap(err, "could not retrieve hydra logout response"))
	}

	acceptRes, err := hydr.AcceptLogoutRequest(challenge)
	if err != nil {
		panic(errors.Wrap(err, "could not retrieve hydra accept logout response"))
	}

	sess, err := session.Must(ctn).Get(w, r)
	if err != nil {
		panic(errors.Wrap(err, "could not retrieve session"))
	}

	if err := sess.Delete(w, r); err != nil {
		panic(errors.Wrap(err, "could not delete session"))
	}

	http.Redirect(w, r, acceptRes.RedirectTo, http.StatusSeeOther)
}