package main

import (
	"bufio"
	"bytes"
	"encoding/json"
	"io"
	"io/ioutil"
	"log"
	"net/http"
	"os"
)

type OAuth struct {
	Access_token  string `"json:access_token"`
	Created_at    int    `"json:created_at"`
	Expires_in    int64  `"json:Expires_in"`
	Refresh_token string `"json:refresh_token"`
}

type authError struct {
	msg string
}

func (e *authError) Error() string {
	return e.msg
}

func register_client(endpoint string, http_client *http.Client) (string, string, error) {
	requestBodymap, _ := json.Marshal(map[string]string{
		"client_name":   "Tusky", // Hard-coded in for now...
		"scopes":        "read write follow push",
		"redirect_uris": "urn:ietf:wg:oauth:2.0:oob",
	})
	requestBodybytes := bytes.NewBuffer(requestBodymap)

	api_base_apps := "https://" + endpoint + "/api/v1/apps"

	resp, err := http_client.Post(api_base_apps, "application/json", requestBodybytes)
	if err != nil {
		log.Fatal("Unable to connect to "+api_base_apps+" ", err)
	}

	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Print("Unable to read HTTP response: ", err)
		return "", "", err
	}
	defer resp.Body.Close()

	bodymap := make(map[string]string)
	err = json.Unmarshal(body, &bodymap)
	if err != nil {
		log.Print("Unable to Unmarshal response: ", err)
		return "", "", err
	}

	client_file := "clients/" + endpoint

	f, err := os.Create("clients/" + endpoint)
	if err != nil {
		log.Print("Unable to create "+client_file+": ", err)
		return bodymap["client_id"], bodymap["client_secret"], nil
	}
	defer f.Close()

	_, err = io.WriteString(f, bodymap["client_id"]+"\n")
	if err != nil {
		log.Print("Unable to write client_id line: ", err)
		return bodymap["client_id"], bodymap["client_secret"], nil
	}
	_, err = io.WriteString(f, bodymap["client_secret"]+"\n")
	if err != nil {
		log.Print("Unable to write client_secret line: ", err)
		return bodymap["client_id"], bodymap["client_secret"], nil
	}

	return bodymap["client_id"], bodymap["client_secret"], nil
}

func get_client(endpoint string, http_client *http.Client) (string, string, error) {
	client_file := "clients/" + endpoint
	_, err := os.Stat(client_file)
	if os.IsNotExist(err) == false { // The file exists
		f, err := os.Open(client_file)
		if err != nil {
			log.Print("Unable to open " + client_file + ", creating new client")
			return register_client(endpoint, http_client)
		}
		defer f.Close()

		rd := bufio.NewReader(f)

		client_id, _, err := rd.ReadLine()
		if err != nil {
			log.Print("Unable to read client_id line of " + client_file + ", building new client")
			return register_client(endpoint, http_client)
		}
		client_secret, _, err := rd.ReadLine()
		if err != nil {
			log.Print("Unable to read client_secret line of " + client_file + ", building new client")
			return register_client(endpoint, http_client)
		}

		return string(client_id), string(client_secret), nil
	} else {
		return register_client(endpoint, http_client)
	}
}

func oauth_login(endpoint string, username string, password string, client_id string, client_secret string) (OAuth, error) {
	authMap, err := json.Marshal(map[string]string{
		"username":      username,
		"password":      password,
		"redirect_uri":  "urn:ietf:wg:oauth:2.0:oob",
		"grant_type":    "password",
		"client_name":   "Tusky",
		"scope":         "read write follow push",
		"client_id":     client_id,
		"client_secret": client_secret,
	})

	if err != nil {
		log.Print("Unable to create Authentication map")
		return OAuth{}, err
	}

	authMapbytes := bytes.NewBuffer(authMap)

	resp, err := http.Post("https://"+endpoint+"/oauth/token", "application/json", authMapbytes)
	if err != nil {
		log.Print("Cannot connect to "+endpoint+": ", err)
		return OAuth{}, err
	}

	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Print("Unable to read response data: ", err)
		return OAuth{}, err
	}

	if resp.StatusCode == 400 {
		log.Print("Unable to authenticate")
		return OAuth{}, &authError{"Authentication error"}
	}

	oauthData := OAuth{}
	err = json.Unmarshal(body, &oauthData)
	if err != nil {
		log.Print("Unable to Unmarshal json data: ", err)
		return OAuth{}, err
	}

	return oauthData, nil

}

func oauth_refresh(endpoint string, client_id string, client_secret string, refresh_token string) (OAuth, error) {
	authMap, err := json.Marshal(map[string]string{
		"redirect_uri":  "urn:ietf:wg:oauth:2.0:oob",
		"grant_type":    "refresh_token",
		"scope":         "read write follow push",
		"refresh_token": refresh_token,
		"client_id":     client_id,
		"client_secret": client_secret,
	})

	authMapbytes := bytes.NewBuffer(authMap)

	resp, err := http.Post("https://"+endpoint+"/oauth/token", "application/json", authMapbytes)
	if err != nil {
		log.Print("Cannot connect to "+endpoint+": ", err)
		return OAuth{}, err
	}

	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Print("Unable to read response data: ", err)
		return OAuth{}, err
	}

	oauthData := OAuth{}
	err = json.Unmarshal(body, &oauthData)
	if err != nil {
		log.Print("Unable to Unmarshal json data: ", err)
		return oauthData, err
	}

	return oauthData, nil
}