package org.squashtest.tm.plugin.rest.controller;

import javax.inject.Inject;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.ResponseBody;
import org.squashtest.tm.plugin.rest.core.web.BaseRestController;
import org.squashtest.tm.plugin.rest.core.web.RestApiController;
import org.squashtest.tm.plugin.rest.core.web.UseDefaultRestApiConfiguration;
import org.squashtest.tm.plugin.rest.service.RestApiTokenService;

@RestApiController
@UseDefaultRestApiConfiguration
/* loaded from: input_file:org/squashtest/tm/plugin/rest/controller/RestApiTokenController.class */
public class RestApiTokenController extends BaseRestController {

    @Inject
    private RestApiTokenService restApiTokenService;

    @DeleteMapping({"/tokens/self"})
    @ResponseBody
    public ResponseEntity<String> selfDestroyApiToken(@RequestHeader(value = "Authorization", required = false) String str) {
        if (str == null || !str.startsWith("Bearer ")) {
            return new ResponseEntity<>("Token not provided", HttpStatus.UNAUTHORIZED);
        }
        this.restApiTokenService.selfDestroyToken(str.substring(7));
        return new ResponseEntity<>("Token invalidated", HttpStatus.OK);
    }
}
