import { Injectable, UnauthorizedException } from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';
import type { JwtPayload } from './keycloak.strategy';

@Injectable()
export class KeycloakAuthGuard extends AuthGuard('jwt') {
  handleRequest(err: unknown, user: JwtPayload): JwtPayload {
    if (err || !user) {
      if (err instanceof UnauthorizedException) {
        throw err;
      }

      throw new UnauthorizedException('Usuário não autenticado');
    }

    return user;
  }
}