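import * as redirect from "./redirect";

// Security notes for this module:
// - Both tokens are persisted in localStorage, which every script running on
//   this origin can read. An XSS bug therefore exposes the ID token and the
//   longer-lived refresh token.
// - Nothing here verifies a token's signature, audience or expiry; the API
//   must validate the token on every request.

// localStorage keys under which the tokens are persisted.
const TOKEN_KEY = "token";
const REFRESH_TOKEN_KEY = "refresh_token";

/**
 * POSTs a form-encoded grant to the provider's token endpoint and returns the
 * decoded JSON reply.
 *
 * @param {Record<string, string>} params form fields of the token request
 * @returns {Promise<object>} the decoded token response
 * @throws {Error} on a network failure, a non-2xx status or a non-JSON body
 */
async function requestTokens(params) {
  const authUrl = import.meta.env.VITE_URL;
  const endpoint = `${authUrl}/auth-api/token`;

  const response = await fetch(endpoint, {
    method: "POST",
    headers: {
      "Content-Type": "application/x-www-form-urlencoded",
    },
    body: new URLSearchParams(params),
  });
  if (!response.ok) {
    throw new Error(response.statusText);
  }
  // response.body is a ReadableStream; the payload has to be decoded first.
  return response.json();
}

/**
 * Persists the tokens carried by a token response.
 *
 * @param {object} tokens decoded token response
 * @throws {Error} when the response carries no usable id_token
 */
function storeTokens(tokens) {
  // access_token, token_type and expires_in are not used by this module.
  const { id_token: idToken, refresh_token: newRefreshToken } = tokens ?? {};
  if (typeof idToken !== "string" || idToken === "") {
    throw new Error("Token response did not contain an id_token");
  }
  localStorage.setItem(TOKEN_KEY, idToken);
  // setItem() stringifies its argument, so a missing refresh_token would be
  // stored as the text "undefined" and later pass for a real token.
  if (typeof newRefreshToken === "string" && newRefreshToken !== "") {
    localStorage.setItem(REFRESH_TOKEN_KEY, newRefreshToken);
  }
}

/**
 * Drops everything stored for this origin and sends the user back to the
 * login page.
 */
function abandonSession() {
  localStorage.clear();
  redirect.redirectToLoginPage();
}

/**
 * Exchanges an authorization code for tokens and stores them.
 *
 * NOTE(review): the request carries no code_verifier, so the exchange is not
 * protected by PKCE, and no `state` check is visible in this file. Confirm
 * both against ./redirect and the provider configuration.
 *
 * @param {string} code the authorization code received from the OIDC
 * provider
 * @returns {Promise<boolean>} true if the token was fetched and stored, false
 * otherwise (storage is then cleared and the user is redirected to login)
 */
async function getToken(code) {
  const formData = {
    grant_type: "authorization_code",
    code,
    redirect_uri: redirect.createLink(),
    client_id: import.meta.env.VITE_CLIENT_ID,
  };

  try {
    // Fetching, decoding and storing all happen inside the try block, so any
    // failure takes the same recovery path.
    storeTokens(await requestTokens(formData));
  } catch (err) {
    console.error("Failed to retrieve OIDC token");
    alert("Failed to retrieve OIDC token");
    console.error(err);
    abandonSession();
    return false;
  }
  return true;
}

/**
 * Uses a refresh token to obtain a fresh ID token and stores the result.
 *
 * @param {string} refreshToken the refresh token (optional; defaults to the
 * one kept in localStorage)
 * @returns {Promise<boolean>} whether the token has been refreshed or not
 */
async function refreshToken(refreshToken) {
  const currentRefreshToken =
    refreshToken ?? localStorage.getItem(REFRESH_TOKEN_KEY);

  try {
    if (typeof currentRefreshToken !== "string" || currentRefreshToken === "") {
      throw new Error("No refresh token available");
    }
    const formData = {
      client_id: import.meta.env.VITE_CLIENT_ID,
      // RFC 6749 section 6: a refresh request uses grant_type "refresh_token".
      grant_type: "refresh_token",
      refresh_token: currentRefreshToken,
      scope: "epita profile picture",
    };
    // No client_secret is sent: everything in this bundle is readable by every
    // visitor, so a secret placed here would not stay secret. The client is
    // treated as public, as in getToken().
    // NOTE(review): if the provider requires client authentication for
    // refresh, perform the refresh from a backend instead.
    storeTokens(await requestTokens(formData));
  } catch (err) {
    console.error("Failed to retrieve OIDC token");
    console.error(err);
    abandonSession();
    return false;
  }
  return true;
}

/**
 * Decides whether the user may stay on the page or must log in.
 *
 * This is a presence check only: the stored values are not decoded, verified
 * or checked for expiry, and anyone with access to the browser can write
 * these keys. Treat the result as a routing hint, not as proof of identity.
 *
 * @returns {Promise<boolean>} true if a token or refresh token is stored,
 * false otherwise (the user is then redirected to the login page)
 */
async function authenticate() {
  if (localStorage.getItem(TOKEN_KEY) !== null) {
    return true;
  }

  // NOTE(review): with only a refresh token stored this reports success
  // without obtaining a new ID token. Confirm whether the caller is expected
  // to trigger the refresh.
  if (localStorage.getItem(REFRESH_TOKEN_KEY) !== null) {
    return true;
  }

  redirect.redirectToLoginPage();
  return false;
}

// FIXME
// missing functions:
// - authedAPIRequest (makes an authenticated request to the API)

export {
  getToken,
  // refreshToken,
  authenticate,
};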