package crypto

import (
	"bytes"
	"encoding/gob"
	"encoding/hex"

	"edge-infra.dev/pkg/lib/crypto/encodings"
)

type Secret struct {
	Principal  string
	Iterations int
	Salt       string
	Hash       string
	Function   string
	HashType   string
	Generation int
	Rotation   bool
}

func NewSecret(hash, salt []byte, principal, function, hashType string, iterations, generation int, rotation bool) *Secret {
	return &Secret{
		Principal:  principal,
		Iterations: iterations,
		Function:   function,
		HashType:   hashType,
		Generation: generation,
		Hash:       hex.EncodeToString(hash),
		Salt:       hex.EncodeToString(salt),
		Rotation:   rotation,
	}
}

func NewSecretFromString(secret string) (Secret, error) {
	secretString, err := encodings.Base64Decode(secret)
	if err != nil {
		return Secret{}, err
	}
	return deserializeSecret(secretString)
}

func (secret *Secret) SerializeAndBase64Encode() (string, error) {
	secretBytes, err := serializeSecret(*secret)
	if err != nil {
		return "", err
	}
	return encodings.Base64Encode(string(secretBytes)), nil
}

func (secret *Secret) DecodedHash() ([]byte, error) {
	return hex.DecodeString(secret.Hash)
}

func (secret *Secret) DecodedSalt() ([]byte, error) {
	return hex.DecodeString(secret.Salt)
}

func deserializeSecret(secret string) (Secret, error) {
	decodedSecret := Secret{}
	decode := gob.NewDecoder(bytes.NewBuffer([]byte(secret)))
	if err := decode.Decode(&decodedSecret); err != nil {
		return decodedSecret, err
	}
	return decodedSecret, nil
}

func serializeSecret(secret Secret) ([]byte, error) {
	var data bytes.Buffer
	encoder := gob.NewEncoder(&data)
	if err := encoder.Encode(secret); err != nil {
		return data.Bytes(), err
	}
	return data.Bytes(), nil
}