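// Package keystore loads the JWK set this service signs and verifies with and
// publishes it as the package-level Global set.
package keystore

import (
	"crypto/rand"
	"encoding/base64"
	"os"

	"git.1in9.net/raider/wroofauth/internal/logger"
	"github.com/lestrrat-go/jwx/jwk"
	"github.com/spf13/viper"
	"go.uber.org/zap"
)

// keyIDBytes is the amount of CSPRNG output behind a generated key ID
// (512 bits; the base64 form is 88 characters).
const keyIDBytes = 64

var (
	// Global is the key set populated by LoadKeystore. It is written once at
	// load time and read afterwards; LoadKeystore is expected to run during
	// startup, before any concurrent readers exist (no locking is done here).
	Global jwk.Set
)

// GenerateRandomBytes returns n bytes drawn from crypto/rand.
//
// It fails only if the system CSPRNG cannot be read, in which case the
// returned slice is nil. n == 0 yields an empty, non-nil slice.
func GenerateRandomBytes(n uint32) ([]byte, error) {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		return nil, err
	}
	return b, nil
}

// GenerateKeyID returns a fresh, unguessable key identifier: keyIDBytes random
// bytes encoded with standard base64 ('+', '/' alphabet, '=' padded).
//
// Because the standard alphabet is not URL-safe, callers that embed the kid in
// a URL path or query string must percent-encode it. The error is the one from
// GenerateRandomBytes, passed through unchanged.
func GenerateKeyID() (string, error) {
	random, err := GenerateRandomBytes(keyIDBytes)
	if err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(random), nil
}

// LoadKeystore populates Global from one of two sources, in priority order:
//
//  1. the file named by the crypto.keyfile setting, parsed as a JWK set;
//  2. otherwise the crypto.keys setting, unmarshalled into a jwk.Set.
//
// Whichever set is loaded, its key at index 0 becomes the default value of
// crypto.use_key (via viper.SetDefault, so an explicitly configured value still
// wins). Every failure is fatal: the process must not start without its keys.
//
// The keyfile normally holds private key material. This function does not
// check the file's ownership or mode, so restricting read access to it is the
// deployer's responsibility.
func LoadKeystore() {
	// Read the setting once so the branch decision and the path are consistent.
	if path := viper.GetString("crypto.keyfile"); path != "" {
		loadFromFile(path)
		return
	}
	loadFromConfig()
}

// loadFromFile reads path, parses it as a JWK set and installs it as Global.
// Both failure paths log the same message as the original code so existing
// log searches keep matching.
func loadFromFile(path string) {
	keystoreContent, err := os.ReadFile(path)
	if err != nil {
		logger.Logger.Fatal("Unable to load keyfile", zap.Error(err))
		return // Fatal is expected to exit; the return guards a logger that does not.
	}
	fileKeyStore, err := jwk.Parse(keystoreContent)
	if err != nil {
		logger.Logger.Fatal("Unable to load keyfile", zap.Error(err))
		return
	}
	install(fileKeyStore)
}

// loadFromConfig decodes the crypto.keys setting into a fresh jwk.Set and
// installs it as Global.
func loadFromConfig() {
	configKeyStore := jwk.NewSet()
	if err := viper.UnmarshalKey("crypto.keys", &configKeyStore); err != nil {
		logger.Logger.Fatal("Unable to load keys", zap.Error(err))
		return
	}
	install(configKeyStore)
}

// install publishes set as Global and makes its first key the default
// crypto.use_key. A set with no keys leaves crypto.use_key untouched, so the
// caller's configuration decides which key is used in that case.
func install(set jwk.Set) {
	Global = set
	if key, found := Global.Get(0); found {
		viper.SetDefault("crypto.use_key", key.KeyID())
	}
}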