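// Package oauth holds the persistence model for OIDC authorization requests
// and authorization codes, plus the adapters that expose a stored request to
// the zitadel/oidc op layer.
package oauth

import (
	"time"

	"github.com/google/uuid"
	"github.com/zitadel/oidc/v3/pkg/oidc"
	"gorm.io/gorm"
)

// AuthRequest is the stored form of one OIDC authorization request. Its
// getters (GetID, GetClientID, GetCodeChallenge, Done, ...) are the methods
// the zitadel/oidc op layer reads through its AuthRequest interface.
//
// NOTE(review): the gorm tags below declare the column mapping, but a few
// fields look like they cannot persist as written — see the per-field notes.
// Nothing in this file reads or writes the database, so confirm the
// mapping against the storage implementation and migrations.
type AuthRequest struct {
	// ID is left zero by AuthRequestFromOIDC so the database default
	// (UUID()) assigns it; GetID of an unsaved request returns the nil UUID.
	ID       uuid.UUID `gorm:"primary_key;type:char(36);default:(UUID());comment:ID"`
	ClientID string    `gorm:"type:varchar(255);not null;comment:客户端ID"`
	// UserID is the authenticated subject; exposed via GetSubject.
	UserID string `gorm:"type:varchar(255);not null;comment:用户ID"`
	// NOTE(review): Scopes, Audience and Amr are []string mapped to a text
	// column with no serializer tag or Scanner/Valuer visible here —
	// presumably one is provided elsewhere (e.g. `serializer:json`); verify.
	Scopes      []string `gorm:"type:text;comment:范围"`
	Audience    []string `gorm:"type:text;comment:受众"`
	CallbackURI string   `gorm:"type:varchar(255);not null;comment:回调URI"`
	State       string   `gorm:"type:varchar(255);not null;comment:状态"`
	// Acr is the space-joined acr_values of the request (see AuthRequestFromOIDC).
	Acr          string            `gorm:"type:varchar(255);not null;comment:认证上下文类引用"`
	Amr          []string          `gorm:"type:text;comment:认证方法引用"`
	ResponseType oidc.ResponseType `gorm:"type:varchar(255);not null;comment:响应类型"`
	ResponseMode oidc.ResponseMode `gorm:"type:varchar(255);not null;comment:响应模式"`
	// CodeChallenge holds the PKCE parameters as received from the client.
	// The column is NOT NULL, which matches AuthRequestFromOIDC always
	// populating it; a pointer to a struct in a varchar column needs a
	// Scanner/Valuer on OIDCCodeChallenge that is not in this file.
	CodeChallenge *OIDCCodeChallenge `gorm:"type:varchar(255);not null;comment:pkce参数"`
	Nonce         string             `gorm:"type:varchar(255);not null;comment:随机数"`
	// NOTE(review): done and authTime are unexported, and gorm maps only
	// exported fields, so these tags are ineffective. After a database round
	// trip Done() would report false and GetAuthTime() the zero time unless
	// something else in the package restores them — confirm with the
	// storage code before relying on Done() for single-use enforcement.
	done      bool           `gorm:"type:boolean;not null;default:false;comment:完成"`
	authTime  time.Time      `gorm:"type:timestamp;comment:认证时间"`
	CreatedAt time.Time      `gorm:"type:timestamp;not null;autoCreateTime;comment:创建时间"`
	UpdatedAt time.Time      `gorm:"type:timestamp;comment:更新时间"`
	DeletedAt gorm.DeletedAt `gorm:"type:timestamp;comment:删除时间"`
}

// AuthCode links an issued authorization code to the AuthRequest it was
// issued for. Code is a bearer secret until it is redeemed, so its lookup
// path should enforce single use and a short lifetime; neither is visible
// in this file.
type AuthCode struct {
	ID        uuid.UUID `gorm:"primary_key;type:char(36);default:(UUID());comment:ID"`
	Code      string    `gorm:"type:varchar(255);not null;comment:授权码"`
	RequestId uuid.UUID `gorm:"type:char(36);not null;comment:请求ID"`
}

// GetID returns the request ID in canonical UUID string form.
func (a *AuthRequest) GetID() string { return a.ID.String() }

// GetACR returns the stored acr value string.
func (a *AuthRequest) GetACR() string { return a.Acr }

// GetAMR returns the stored authentication method references (may be nil).
func (a *AuthRequest) GetAMR() []string { return a.Amr }

// GetAudience returns the stored audience list (may be nil; not set by
// AuthRequestFromOIDC).
func (a *AuthRequest) GetAudience() []string { return a.Audience }

// GetAuthTime returns the unexported authTime field (zero unless set
// elsewhere in this package).
func (a *AuthRequest) GetAuthTime() time.Time { return a.authTime }

// GetClientID returns the client the request was made for.
func (a *AuthRequest) GetClientID() string { return a.ClientID }

// GetCodeChallenge converts the stored PKCE parameters into the library
// type; nil only when CodeChallenge itself is nil.
func (a *AuthRequest) GetCodeChallenge() *oidc.CodeChallenge {
	return CodeChallengeToOIDC(a.CodeChallenge)
}

// GetNonce returns the request nonce.
func (a *AuthRequest) GetNonce() string { return a.Nonce }

// GetRedirectURI returns the redirect URI the request was made with
// (stored as CallbackURI).
func (a *AuthRequest) GetRedirectURI() string { return a.CallbackURI }

// GetResponseType returns the requested response_type.
func (a *AuthRequest) GetResponseType() oidc.ResponseType { return a.ResponseType }

// GetResponseMode returns the requested response_mode.
func (a *AuthRequest) GetResponseMode() oidc.ResponseMode { return a.ResponseMode }

// GetScopes returns the stored scopes; callers receive the backing slice.
func (a *AuthRequest) GetScopes() []string { return a.Scopes }

// GetState returns the opaque client state to echo back on the callback.
func (a *AuthRequest) GetState() string { return a.State }

// GetSubject returns the authenticated user ID.
func (a *AuthRequest) GetSubject() string { return a.UserID }

// Done reports the unexported done flag (false unless set elsewhere in
// this package).
func (a *AuthRequest) Done() bool { return a.done }

// AuthRequestFromOIDC builds the persistent AuthRequest for a parsed
// oidc.AuthRequest and the authenticated subject userID.
//
// It performs no validation of its own: it assumes the op layer has already
// validated client, redirect URI, scopes and response type. ID, Audience,
// Amr, done and authTime are not populated. CodeChallenge is always set,
// even when the request carried no code_challenge, so an absent challenge is
// stored as an empty Challenge with an empty Method (which
// CodeChallengeToOIDC maps to plain) rather than as nil. NOTE(review): how
// the token endpoint treats an empty plain challenge versus nil decides
// whether that matters; confirm against the op layer's PKCE check. The
// method string is stored as received from the client without validation.
func AuthRequestFromOIDC(authRequest *oidc.AuthRequest, userID string) *AuthRequest {
	return &AuthRequest{
		ClientID:     authRequest.ClientID,
		UserID:       userID,
		Scopes:       authRequest.Scopes,
		CallbackURI:  authRequest.RedirectURI,
		State:        authRequest.State,
		ResponseType: authRequest.ResponseType,
		ResponseMode: authRequest.ResponseMode,
		CodeChallenge: &OIDCCodeChallenge{
			Challenge: authRequest.CodeChallenge,
			Method:    string(authRequest.CodeChallengeMethod),
		},
		Acr:       authRequest.ACRValues.String(),
		Nonce:     authRequest.Nonce,
		CreatedAt: time.Now(), // also covered by the autoCreateTime tag
	}
}

// OIDCCodeChallenge is the stored representation of the PKCE parameters:
// the client's code_challenge and its code_challenge_method as a raw string.
type OIDCCodeChallenge struct {
	Challenge string
	Method    string
}

// CodeChallengeToOIDC converts a stored challenge into the library type.
// A nil input yields nil.
//
// Only the exact string "S256" maps to oidc.CodeChallengeMethodS256; every
// other stored Method — "", "plain", or an unrecognised value — is treated
// as plain. Because this function cannot return an error, an unsupported
// code_challenge_method supplied by a client degrades to plain here instead
// of being rejected as RFC 7636 §4.4.1 requires; that rejection has to
// happen at the authorize endpoint before the request is stored.
func CodeChallengeToOIDC(challenge *OIDCCodeChallenge) *oidc.CodeChallenge {
	if challenge == nil {
		return nil
	}
	method := oidc.CodeChallengeMethodPlain
	// Compare against the typed constant rather than a bare literal so the
	// accepted spelling stays in sync with the library.
	if challenge.Method == string(oidc.CodeChallengeMethodS256) {
		method = oidc.CodeChallengeMethodS256
	}
	return &oidc.CodeChallenge{
		Challenge: challenge.Challenge,
		Method:    method,
	}
}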