// Package mock provides in-memory stand-ins for the op.AuthStorage and
// op.OPStorage interfaces. Every method answers with fixed data keyed on a
// handful of magic identifiers ("none", "web", "native", "code", "id");
// nothing is persisted and no credential or code is ever verified.
package mock

import (
	"crypto/rand"
	"crypto/rsa"
	"errors"
	"time"

	"gopkg.in/square/go-jose.v2"

	"github.com/caos/oidc/pkg/oidc"
	"github.com/caos/oidc/pkg/op"
)

// AuthStorage is the mock op.AuthStorage. It owns the single RSA key that
// signs every token the mock OP issues.
type AuthStorage struct {
	key *rsa.PrivateKey
}

// OPStorage is the mock op.OPStorage; it carries no state.
type OPStorage struct{}

// NewAuthStorage returns an AuthStorage backed by a freshly generated
// 2048-bit RSA key drawn from crypto/rand. The key is created per call, so
// two storages never share one. Key generation failure is treated as
// unrecoverable and panics.
func NewAuthStorage() op.AuthStorage {
	const bits = 2048
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		panic(err)
	}
	return &AuthStorage{key: key}
}

// AuthRequest is the mock op.AuthRequest. Only ID and ResponseType are
// surfaced through the getters; every other accessor returns a zero value.
type AuthRequest struct {
	ID           string
	ResponseType oidc.ResponseType
	RedirectURI  string
}

// GetACR returns an empty authentication context class reference.
func (a *AuthRequest) GetACR() string { return "" }

// GetAMR returns an empty (non-nil) list of authentication method references.
func (a *AuthRequest) GetAMR() []string { return []string{} }

// GetAudience reports the request ID as the sole audience entry.
func (a *AuthRequest) GetAudience() []string { return []string{a.ID} }

// GetAuthTime reports the current UTC time, so it differs on every call.
func (a *AuthRequest) GetAuthTime() time.Time { return time.Now().UTC() }

// GetClientID always returns an empty client id.
func (a *AuthRequest) GetClientID() string { return "" }

// GetID returns the request ID.
func (a *AuthRequest) GetID() string { return a.ID }

// GetNonce always returns an empty nonce.
func (a *AuthRequest) GetNonce() string { return "" }

// GetRedirectURI always returns an empty string.
// NOTE(review): the RedirectURI field that AuthRequestByID populates is never
// returned here; confirm whether callers rely on that.
func (a *AuthRequest) GetRedirectURI() string { return "" }

// GetResponseType returns the response type stored on the request.
func (a *AuthRequest) GetResponseType() oidc.ResponseType { return a.ResponseType }

// GetState always returns an empty state value.
func (a *AuthRequest) GetState() string { return "" }

// GetSubject always returns an empty subject.
func (a *AuthRequest) GetSubject() string { return "" }

// CreateAuthRequest ignores the incoming request entirely and hands back a
// stored request with the fixed ID "id".
func (s *AuthStorage) CreateAuthRequest(authReq *oidc.AuthRequest) (op.AuthRequest, error) {
	return &AuthRequest{ID: "id"}, nil
}

// GetClientByClientID resolves a client from its id alone: "none" is unknown,
// "web" and "native" yield the matching application type, and any other id is
// treated as a user-agent (browser) application.
func (s *OPStorage) GetClientByClientID(id string) (op.Client, error) {
	var appType op.ApplicationType
	switch id {
	case "none":
		return nil, errors.New("not found")
	case "web":
		appType = op.ApplicationTypeWeb
	case "native":
		appType = op.ApplicationTypeNative
	default:
		appType = op.ApplicationTypeUserAgent
	}
	return &ConfClient{applicationType: appType}, nil
}

// AuthRequestByCode ignores the client and the code and always returns a
// request whose ID is "native"; no authorization code is ever validated.
func (s *AuthStorage) AuthRequestByCode(op.Client, string, string) (op.AuthRequest, error) {
	return &AuthRequest{ID: "native"}, nil
}

// AuthorizeClientIDSecret accepts every id/secret pair: the arguments are not
// inspected and a zero-valued ConfClient is always returned.
func (s *OPStorage) AuthorizeClientIDSecret(string, string) (op.Client, error) {
	return &ConfClient{}, nil
}

// AuthorizeClientIDCodeVerifier accepts every id/code-verifier pair without
// checking it and returns a zero-valued ConfClient.
func (s *OPStorage) AuthorizeClientIDCodeVerifier(string, string) (op.Client, error) {
	return &ConfClient{}, nil
}

// DeleteAuthRequestAndCode is a no-op that always reports success.
func (s *AuthStorage) DeleteAuthRequestAndCode(string, string) error { return nil }

// AuthRequestByID derives a request from the id: "none" is unknown, "code"
// selects the code flow, "id" the id_token-only implicit flow and any other
// id the id_token implicit flow. The result carries RedirectURI "/callback"
// and no ID.
func (s *AuthStorage) AuthRequestByID(id string) (op.AuthRequest, error) {
	var rt oidc.ResponseType
	switch id {
	case "none":
		return nil, errors.New("not found")
	case "code":
		rt = oidc.ResponseTypeCode
	case "id":
		rt = oidc.ResponseTypeIDTokenOnly
	default:
		rt = oidc.ResponseTypeIDToken
	}
	return &AuthRequest{ResponseType: rt, RedirectURI: "/callback"}, nil
}

// GetSigningKey exposes the private RSA key as an RS256 signing key.
func (s *AuthStorage) GetSigningKey() (*jose.SigningKey, error) {
	return &jose.SigningKey{Algorithm: jose.RS256, Key: s.key}, nil
}

// GetKeySet publishes only the public half of the signing key, marked for
// signature use with algorithm RS256.
func (s *AuthStorage) GetKeySet() (jose.JSONWebKeySet, error) {
	jwk := jose.JSONWebKey{Key: s.key.Public(), Use: "sig", Algorithm: "RS256"}
	return jose.JSONWebKeySet{Keys: []jose.JSONWebKey{jwk}}, nil
}

// ConfClient is the mock op.Client. Its registered redirect URIs are fixed and
// its application type is whatever GetClientByClientID assigned.
type ConfClient struct {
	applicationType op.ApplicationType
}

// RedirectURIs lists the only redirect targets the mock treats as registered:
// one https host, two plain-http localhost ports and one custom scheme.
func (c *ConfClient) RedirectURIs() []string {
	return []string{
		"https://registered.com/callback",
		"http://localhost:9999/callback",
		"http://localhost:5556/auth/callback",
		"custom://callback",
	}
}

// LoginURL returns the relative login path for the given request id; the id
// is concatenated verbatim, without any escaping.
func (c *ConfClient) LoginURL(id string) string { return "login?id=" + id }

// ApplicationType reports the application type assigned at lookup time.
func (c *ConfClient) ApplicationType() op.ApplicationType { return c.applicationType }