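//nolint:dupl
package database

import (
	"context"
	"encoding/json"
	"fmt"

	"edge-infra.dev/pkg/edge/iam/config"
	"edge-infra.dev/pkg/edge/iam/crypto"
	"edge-infra.dev/pkg/edge/iam/log"
	"edge-infra.dev/pkg/edge/iam/storage"
	"github.com/go-redis/redis"
	"github.com/ory/fosite"
	"github.com/pkg/errors"
)

// CreateRefreshTokenSession persists a refresh token session in Redis.
//
// Two entries are written, both with the configured refresh token TTL:
//   - the session itself, keyed by the token signature;
//   - a request-ID -> signature mapping, whose value is encrypted when
//     config.EncryptionEnabled() reports true.
//
// Only the masked form of the request is written to the log. The two writes
// are not atomic: if the second one fails, the session entry written by the
// first remains until its TTL expires.
func (s *Store) CreateRefreshTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error) {
	logger := log.Get(ctx)

	sessionKey := keyFrom(KeyPrefixRefreshToken, signature)
	stored := storage.ToStorage(signature, request)

	// Log only the masked request. The log entry is best-effort, so a marshal
	// failure is reported instead of being dropped silently and does not abort
	// token creation.
	maskedJSON, marshalErr := json.Marshal(stored.ToMaskedRequest(ctx))
	if marshalErr != nil {
		logger.Info("failed to marshal masked refresh token request", "error", marshalErr)
	}
	logger.Info("refresh token created", "request", string(maskedJSON))

	if err = s.set(sessionKey, stored, config.GetRefreshTokenTTL()); err != nil {
		return errors.Wrap(err, "failed to create refresh token session")
	}

	requestKey := keyFrom(KeyPrefixRefreshTokenReq, request.GetID())

	// The mapping value is the signature; keep it encrypted at rest when
	// encryption is configured.
	storedSignature := signature
	if config.EncryptionEnabled() {
		encryptedVal, encErr := crypto.EncryptRedis([]byte(signature), config.EncryptionKey())
		if encErr != nil {
			return errors.Wrap(encErr, "failed to encrypt refresh token signature")
		}
		storedSignature = encryptedVal
	}

	if setErr := s.RedisDB.Set(requestKey, storedSignature, config.GetRefreshTokenTTL()).Err(); setErr != nil {
		return errors.Wrap(setErr, "failed to create refresh token request")
	}
	return nil
}

// GetRefreshTokenSession loads the refresh token session stored under the
// given signature and converts it into a fosite.Requester.
//
// It returns fosite.ErrNotFound (wrapped) when Redis has no entry for the
// signature. When the stored session is not active, the request is returned
// together with fosite.ErrInactiveToken; callers must treat that as a failure
// and must not issue new tokens from it.
func (s *Store) GetRefreshTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error) {
	key := keyFrom(KeyPrefixRefreshToken, signature)

	req, err := s.get(key)
	switch {
	// Compare against the root cause so a redis.Nil that was wrapped on the way
	// up is still reported as "not found" rather than as an internal error.
	case errors.Cause(err) == redis.Nil:
		return nil, errors.Wrap(fosite.ErrNotFound, "")
	case err != nil:
		return nil, errors.WithStack(err)
	}

	// Transform to a fosite.Request.
	iamClient, err := s.GetIAMClient(ctx, req.ClientID)
	if err != nil {
		s.Log.Info("failed to get client in db", "error", err, "id", req.ClientID)
		return nil, err
	}

	request, err = req.ToFositeRequest(ctx, session, iamClient)
	if err != nil {
		if err == fosite.ErrNotFound {
			s.Log.Info("failed to transform a fosite session to a fosite request", "error", err)
		}
		return nil, err
	}

	if !req.Active {
		// The request accompanies the error on purpose: fosite's refresh flow is
		// expected to use it to identify the grant when an inactive (already
		// used or revoked) refresh token is presented again.
		return request, fosite.ErrInactiveToken
	}
	return request, nil
}

// DeleteRefreshTokenSession removes the refresh token session stored under the
// given signature.
//
// Only the session key is deleted here; the request-ID -> signature entry
// written by CreateRefreshTokenSession is not touched and is presumably left
// to expire via its TTL or removed elsewhere (confirm against callers).
func (s *Store) DeleteRefreshTokenSession(_ context.Context, signature string) (err error) {
	key := keyFrom(KeyPrefixRefreshToken, signature)

	if err = s.RedisDB.Del(key).Err(); err != nil {
		// NOTE(review): the key embeds the token signature, so this message
		// should stay in server-side logs and not be returned to clients.
		return errors.Wrap(err, fmt.Sprintf("failed to delete key '%v'", key))
	}
	return nil
}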