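package oauth2

import (
	"fmt"
	"net/http"

	"github.com/gin-gonic/gin"
	"github.com/gorilla/sessions"
	"github.com/ory/fosite"

	"edge-infra.dev/pkg/edge/iam/client"
	"edge-infra.dev/pkg/edge/iam/config"
	"edge-infra.dev/pkg/edge/iam/device"
	"edge-infra.dev/pkg/edge/iam/log"
	"edge-infra.dev/pkg/edge/iam/session"
	"edge-infra.dev/pkg/edge/iam/util"
)

// newCookieSession seeds the cookie session for an authorize request. It
// records the client ID and the login session's error message, then hands
// over to setLDFeatureFlags, which fills in the feature flags and saves the
// session.
//
// NOTE(review): "errormsg" is stored verbatim; whatever renders it later
// should output-encode it. Confirm in the consuming template.
func newCookieSession(ctx *gin.Context, cookieSession *sessions.Session, session *session.LoginSession, clientID string, requester fosite.AuthorizeRequester) {
	cookieSession.Values["client_id"] = clientID
	cookieSession.Values["errormsg"] = session.ErrorMessage

	setLDFeatureFlags(ctx, cookieSession, requester)
}

// setRequestURL stores the current request URL, without any login_hint query
// parameter, under "request_url" so the flow can return to it at the end.
// The session is not saved here.
//
// NOTE(review): reqURL aliases ctx.Request.URL, so rewriting RawQuery also
// removes login_hint from the live request and re-encodes its query (Encode
// sorts by key). Confirm later handlers expect that, or work on a copy.
//
// NOTE(review): for an absolute-form request target, Request.URL carries a
// scheme and host, so the stored string is not guaranteed to be
// path-relative. The code that eventually redirects to "request_url" should
// accept only a same-origin value. Verify at the consumer.
func setRequestURL(cookieSession *sessions.Session, ctx *gin.Context) {
	reqURL := ctx.Request.URL

	// A login_hint is not expected on the URL we come back to.
	params := reqURL.Query()
	params.Del("login_hint")
	reqURL.RawQuery = params.Encode()

	cookieSession.Values["request_url"] = reqURL.String()
}

// setLDFeatureFlags copies the feature flags that apply to the requesting
// client into the cookie session and saves it. If the requester's client is
// not a *client.Client, or the save fails, the error is logged and the
// request is redirected to "/esod".
//
// The client type is checked with a comma-ok assertion so an unexpected
// fosite.Client implementation is handled like a save failure instead of
// panicking inside the handler.
//
// NOTE(review): neither failure is reported to the caller, which cannot tell
// from the signature that a redirect was already written.
//
// NOTE(review): if cookieSession is backed by a cookie store, these values
// live in the browser and their integrity rests on the store's signing key.
// Security-relevant ones ("strong_auth_disabled", "device_login_policy")
// should be re-checked against server-side config at enforcement time.
// Confirm against the consumers.
func setLDFeatureFlags(ctx *gin.Context, cookieSession *sessions.Session, requester fosite.AuthorizeRequester) {
	logger := log.Get(ctx)

	// Start from "no barcode printing"; only the checks below can enable it.
	cookieSession.Values["print_barcode_enabled"] = false

	c, ok := requester.GetClient().(*client.Client)
	if !ok {
		err := fmt.Errorf("unexpected client type %T", requester.GetClient())
		logger.Error(err, "failed to resolve client while setting the LD feature flags")
		ctx.Redirect(http.StatusFound, "/esod")
		return
	}

	barcodeTypes := c.GetPrintBarcodeTypes()

	// Barcode printing needs both the feature flag for this client and a
	// barcode configuration on the client itself.
	if config.BarcodeEnabled(c.GetID()) {
		if len(c.GetPrintBarcodeURI()) > 0 {
			cookieSession.Values["print_barcode_enabled"] = true
		}
		// A non-empty type list overrides the URI check: printing stays
		// enabled only when the list contains "128A".
		if len(barcodeTypes) > 0 {
			cookieSession.Values["print_barcode_enabled"] = util.IsElementExist(barcodeTypes, "128A")
		}
	}

	cookieSession.Values["print_ebc_enabled"] = util.IsElementExist(barcodeTypes, "qr") && config.EmergencyBarcodeEnabled(c.GetID())
	cookieSession.Values["can_scan_barcode"] = c.GetGrantTypes().Has("barcode")

	// Okta and device-login flags.
	cookieSession.Values["okta_enabled"] = config.OktaEnabled()
	cookieSession.Values["device_enabled"] = config.DeviceLoginEnabled()

	// NOTE(review): a GetLoginPolicy error is dropped and the key is simply
	// left unset. Confirm consumers treat a missing "device_login_policy" as
	// the most restrictive policy rather than the most permissive one.
	if devicePolicy, errGetPolicy := device.GetLoginPolicy(); errGetPolicy == nil {
		cookieSession.Values["device_login_policy"] = devicePolicy
	}

	cookieSession.Values["strong_auth_disabled"] = config.StrongAuthDisabled()

	// Persist everything set above.
	if err := cookieSession.Save(ctx.Request, ctx.Writer); err != nil {
		logger.Error(err, "failed to save cookie session post setting the LD feature flags")
		ctx.Redirect(http.StatusFound, "/esod")
		return
	}
}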