import { NextRequest, NextResponse } from "next/server";
import { getServerSession } from "next-auth";
import { authOptions } from "@/app/api/auth/[...nextauth]/route";

export async function GET(req: NextRequest) {
  try {
    const session = await getServerSession(authOptions);
    const userId = session?.user?.id;
    const keycloakUrl = process.env.KEYCLOAK_ISSUER;
    const clientId = process.env.KEYCLOAK_CLIENT_ID;
    const redirectUri = req.nextUrl.searchParams.get('redirectUri') || process.env.NEXTAUTH_URL;

    // Build Keycloak logout URL
    let logoutUrl = `${keycloakUrl}/protocol/openid-connect/logout?client_id=${clientId}`;
    
    if (redirectUri) {
      logoutUrl += `&post_logout_redirect_uri=${encodeURIComponent(redirectUri)}`;
    }

    console.log(`Initiating full Keycloak logout for user ${userId || 'unknown'}`);
    console.log(`Logout URL: ${logoutUrl}`);

    return NextResponse.json({ 
      success: true, 
      logoutUrl,
      message: "Keycloak logout URL generated" 
    });
  } catch (error) {
    console.error("Error generating Keycloak logout URL:", error);
    return NextResponse.json({ 
      success: false, 
      error: "Failed to generate Keycloak logout URL" 
    }, { status: 500 });
  }
}