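// Package zitadel builds the connection parameters and the System API client
// the operator uses to talk to a managed Zitadel cluster.
package zitadel

import (
	"context"
	"fmt"
	"strings"

	zitadelv1alpha1 "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/api/v1alpha1"
	"gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/deployment"
	systemapiaccount "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/systemapi"
	"github.com/zitadel/zitadel-go/v3/pkg/client/system"
	"github.com/zitadel/zitadel-go/v3/pkg/client/zitadel"
	"google.golang.org/grpc"
	corev1 "k8s.io/api/core/v1"
)

// MachineKey is the JSON shape of a Zitadel machine-user key.
//
// Key carries key material (presumably the private key — confirm against the
// producer). Treat a MachineKey value as a secret: do not log it, include it
// in error messages, or copy it into status fields.
type MachineKey struct {
	Type   string `json:"type"`
	KeyID  string `json:"keyId"`
	Key    string `json:"key"`
	UserID string `json:"userId"`
}

// WithAuthority returns an option constructor that pins the gRPC :authority
// header to the cluster's external host:port (see GetAuthority).
//
// NOTE(review): this looks like it exists so Zitadel can resolve the instance
// by its external host while the dial target is the in-cluster Service (GetAPI)
// — confirm with the callers.
func WithAuthority(cluster *zitadelv1alpha1.Cluster) func() zitadel.Option {
	return func() zitadel.Option {
		return zitadel.WithDialOptions(grpc.WithAuthority(GetAuthority(cluster)))
	}
}

// NewSystemClient creates a Zitadel System API client for cluster.
//
// The JWT profile is read from the system API account secret
// (systemapiaccount.SystemAPIAccountName / systemapiaccount.Key) in the
// cluster's namespace via refresolver. The issuer is derived from the
// cluster's external host and the API target is the in-cluster Service
// address.
//
// Errors from the secret lookup and from client construction are wrapped with
// %w so callers can use errors.Is/errors.As; they name the secret but never
// its contents.
func NewSystemClient(ctx context.Context, cluster *zitadelv1alpha1.Cluster, refresolver zitadelv1alpha1.RefResolver) (*system.Client, error) {
	secretName := systemapiaccount.SystemAPIAccountName(cluster)
	privateKeyData, err := refresolver.SecretKeyRef(ctx, corev1.SecretKeySelector{
		LocalObjectReference: corev1.LocalObjectReference{Name: secretName},
		Key:                  systemapiaccount.Key,
	}, cluster.Namespace)
	if err != nil {
		return nil, fmt.Errorf("reading system API key from secret %s/%s: %w", cluster.Namespace, secretName, err)
	}

	// TrimSpace tolerates a trailing newline in the stored PEM; the key bytes
	// themselves are passed straight to the JWT profile and not retained here.
	systemClient, err := system.NewClient(ctx, GetIssuer(cluster), GetAPI(cluster),
		system.JWTProfileFromKey([]byte(strings.TrimSpace(privateKeyData)), systemapiaccount.OwnerName),
		// NOTE(review): the gRPC transport is plaintext. The dial target is the
		// in-cluster Service (GetAPI), so the bearer JWT only crosses the
		// cluster network — confirm that is the intended trust boundary
		// (e.g. mTLS is provided by a mesh or the cluster network is trusted).
		system.WithInsecure(),
	)
	if err != nil {
		return nil, fmt.Errorf("creating system client: %w", err)
	}
	return systemClient, nil
}

// GetAuthority returns the cluster's externally reachable host:port
// (Spec.Host and Spec.ExternalPort).
//
// The parameter is named cluster rather than zitadel so it does not shadow
// the imported zitadel package.
func GetAuthority(cluster *zitadelv1alpha1.Cluster) string {
	return fmt.Sprintf("%s:%d", cluster.Spec.Host, cluster.Spec.ExternalPort)
}

// GetInstanceAuthority returns host:port for an Instance, using the
// instance's custom domain and the cluster's external port.
func GetInstanceAuthority(instance *zitadelv1alpha1.Instance, cluster *zitadelv1alpha1.Cluster) string {
	return fmt.Sprintf("%s:%d", instance.Spec.CustomDomain, cluster.Spec.ExternalPort)
}

// GetIssuer returns the OIDC issuer URL for the cluster: the external host
// with scheme https when Spec.ExternalSecure is set, http otherwise.
func GetIssuer(cluster *zitadelv1alpha1.Cluster) string {
	scheme := "http"
	if cluster.Spec.ExternalSecure {
		scheme = "https"
	}
	return fmt.Sprintf("%s://%s", scheme, cluster.Spec.Host)
}

// GetAPI returns the in-cluster gRPC target host:port built from the
// Service FQDN and deployment.ZitadelPort.
func GetAPI(cluster *zitadelv1alpha1.Cluster) string {
	return fmt.Sprintf("%s:%d", deployment.ServiceFQDN(cluster.ObjectMeta), deployment.ZitadelPort)
}

// GetAPIHost returns the in-cluster Service FQDN of the cluster.
func GetAPIHost(cluster *zitadelv1alpha1.Cluster) string {
	// Direct return instead of the former fmt.Sprintf("%s", ...), which was a
	// no-op format round-trip (staticcheck S1025).
	return deployment.ServiceFQDN(cluster.ObjectMeta)
}

// GetAPIPort returns deployment.ZitadelPort formatted as a decimal string.
func GetAPIPort(cluster *zitadelv1alpha1.Cluster) string {
	return fmt.Sprintf("%d", deployment.ZitadelPort)
}

// GetAPIUrl returns the in-cluster HTTP base URL of the cluster's API.
//
// The scheme is hard-coded to http, matching the plaintext transport used by
// NewSystemClient (system.WithInsecure); unlike GetIssuer it does not consult
// Spec.ExternalSecure because this URL is only meant for in-cluster use.
func GetAPIUrl(cluster *zitadelv1alpha1.Cluster) string {
	return fmt.Sprintf("http://%s:%d", deployment.ServiceFQDN(cluster.ObjectMeta), deployment.ZitadelPort)
}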