package handlers

import (
	"errors"
	"net/http"
	"time"

	"github.com/gin-gonic/gin"

	"edge-infra.dev/pkg/edge/api/middleware"
	"edge-infra.dev/pkg/edge/auth-proxy/utils"
)

// TokenExchange handler that updates the session with new bsl token.
func (h ProxyHandler) TokenExchange(req *http.Request, body []byte) (*http.Request, []byte, error) {
	respBody, err := utils.GetGraphqlResponse(body)
	if err != nil {
		h.log.Error(err, "failed to unmarshal client response")
		h.c.JSON(http.StatusInternalServerError, gin.H{"message": "Internal Server Error"})
		return req, body, err
	}
	var resp struct{ TokenExchange string }
	if err := utils.Unpack(respBody.Data, &resp); err != nil {
		h.log.Error(err, "failed to unpack response")
		h.c.JSON(http.StatusInternalServerError, gin.H{"message": "Internal Server Error"})
		return req, body, err
	}
	if resp.TokenExchange == "" {
		return req, body, errors.New("no response received or bsl token empty")
	}
	usr, err := middleware.ValidateAndGetUser(resp.TokenExchange, h.tokenSecret)
	if err != nil {
		h.log.Error(err, "failed to validate user token")
		h.c.JSON(http.StatusInternalServerError, gin.H{"message": "Internal Server Error"})
		return req, body, err
	}
	h.session.Set("token", usr.Token)
	h.session.Set("expires_on", time.Now().UTC().Add(15*time.Minute))
	return req, body, h.session.Save()
}