import * as cookie from 'https://deno.land/std@0.188.0/http/cookie.ts'

export class Auth {
  constructor({
    baseUrl,
    remoteBaseUrl,
    giteaApiBaseUrl,
    giteaWebBaseUrl,
    giteaClientId,
    giteaClientSecret
  }) {
    this.baseUrl = baseUrl
    this.remoteBaseUrl = remoteBaseUrl
    this.giteaApiBaseUrl = giteaApiBaseUrl
    this.giteaWebBaseUrl = giteaWebBaseUrl
    this.giteaClientId = giteaClientId
    this.giteaClientSecret = giteaClientSecret
  }

  redirectUrl(state) {
    const url = new URL(
      this.giteaWebBaseUrl + '/login/oauth/authorize'
    )
    const search = new URLSearchParams()
    search.set('response_type', 'code')
    search.set('client_id', this.giteaClientId)
    search.set(
      'redirect_uri',
      this.remoteBaseUrl + '/api/auth/callback'
    )
    search.set('state', state)
    url.search = search.toString()
    return url.toString()
  }

  buildState() {
    const timestamp = new Date().valueOf()
    const randomInt = Math.floor(Math.random() * 10000)
    // TODO: sign
    return `${randomInt}-${timestamp}`
  }

  async redirect(event) {
    const state = this.buildState()
    const url = this.redirectUrl(state)
    const headers = new Headers({
      Location: url
    })
    cookie.setCookie(headers, {
      name: 'oauth.gitea.state',
      value: state,
    })
    event.respondWith(new Response('', {
      headers,
      status: 302,
    }))
  }

  getToken(code) {
    this._code = code
    return 'test'
  }

  async callback(event) {
    const url = new URL(event.request.url)
    const { state, code } = Object.fromEntries(
      url.searchParams.entries()
    )
    const cookies = cookie.getCookies(
      event.request.headers
    )
    const headers = new Headers({
      Location: '/#/'
    })
    if (cookies['oauth.gitea.state'] !== state) {
      event.respondWith(new Response('invalid state', {
        status: 401,
      }))
      return
    }
    const token = await this.getToken(code)
    cookie.deleteCookie(headers, 'oauth.gitea.state')
    cookie.setCookie(headers, {
      name: 'oauth.gitea.token',
      value: token,
    })
    event.respondWith(new Response('', {
      headers,
      status: 302,
    }))
  }

  async serve(event) {
    const {pathname} = new URL(event.request.url)
    const u = this.baseUrl
    if (pathname === `${u}/api/auth`) {
      await this.redirect(event)
    } else if (pathname === `${u}/api/auth/callback`) {
      await this.callback(event)
    } else {
      event.respondWith(new Response(
        'Not Found', {status: 404}
      ))
    }
  }
}