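using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Net;
using System.Text;
using Microsoft.IdentityModel.Tokens;
using MySql.Data.MySqlClient;

namespace Server;

/// <summary>
/// Base class for routes that require a signed JWT in the <c>token</c> request header.
/// Provides token validation, user-id extraction and small helpers for building
/// parameterized MySQL insert commands.
/// </summary>
public class SecuredRoute : Route
{
    // NOTE(review): the HMAC signing secret is committed in source and shared by every
    // deployment; it should be loaded from configuration / a secret store and rotated.
    // Kept as a field so subclasses that reference it keep compiling.
    protected static readonly string secretKey =
        "stronk-key-much-sercret-much-more-stronk-stronk-key-much-sercret-much-more-stronk";

    // NOTE(review): generic arguments were not visible in the listing this was restored from;
    // string/string matches how AddValuesToCmd consumes the pairs — confirm against callers.
    protected delegate void DelegateValidate(Dictionary<string, string> bodyparamValues);

    /// <summary>
    /// Returns the <c>user</c> claim of the JWT carried in the <c>token</c> header, or an
    /// empty string when the header is missing or the token does not pass validation.
    /// </summary>
    /// <param name="request">Incoming request; only its <c>token</c> header is read.</param>
    /// <returns>The user id, or <c>""</c> for an absent, malformed, expired or badly signed token.</returns>
    protected static string ExtractUserId(HttpListenerRequest request)
    {
        string token = request.Headers["token"] ?? "";
        if (string.IsNullOrEmpty(token))
        {
            // Previously an empty header reached ReadJwtToken, which throws on empty input.
            return "";
        }

        // Validate before reading any claim. The previous version read the claim first and
        // rejected the token only when validation failed AND the claim was empty, so a token
        // with a bad signature (or no signature) that carried a "user" claim was accepted.
        if (!ValidateToken(token))
        {
            return "";
        }

        return GetUserFromToken(token);
    }

    /// <summary>
    /// Binds every entry of <paramref name="values"/> as a named parameter (<c>@key</c>) on
    /// <paramref name="cmd"/>, so values are never concatenated into SQL text.
    /// </summary>
    /// <param name="values">Parameter name (without <c>@</c>) to value.</param>
    /// <param name="cmd">Command to bind the parameters on.</param>
    /// <returns>The same command instance, for chaining.</returns>
    /// <exception cref="ArgumentNullException">Either argument is <c>null</c>.</exception>
    protected static MySqlCommand AddValuesToCmd(Dictionary<string, string> values, MySqlCommand cmd)
    {
        ArgumentNullException.ThrowIfNull(values);
        ArgumentNullException.ThrowIfNull(cmd);

        foreach (var (name, value) in values)
        {
            cmd.Parameters.AddWithValue("@" + name, value);
        }

        return cmd;
    }

    // create an insert route and move this func there
    /// <summary>
    /// Builds <c>INSERT INTO table(a,b) VALUES(@a,@b);</c> for the given column names; the
    /// values are expected to be bound afterwards via <see cref="AddValuesToCmd"/>.
    /// </summary>
    /// <remarks>
    /// Table and column names cannot be parameterized, so they are written into the SQL text.
    /// They must come from the route's own code, never from the request; as a backstop every
    /// name is restricted to letters, digits and underscores before it is used.
    /// </remarks>
    /// <param name="table">Target table name.</param>
    /// <param name="valuesToAdd">Column names; each also becomes the <c>@name</c> parameter.</param>
    /// <returns>The INSERT statement text.</returns>
    /// <exception cref="ArgumentException">
    /// <paramref name="valuesToAdd"/> is empty, or the table or a column name is not a plain identifier.
    /// </exception>
    protected static string CreateInsertQuery(string table, List<string> valuesToAdd)
    {
        ArgumentNullException.ThrowIfNull(valuesToAdd);

        if (!IsPlainIdentifier(table))
        {
            throw new ArgumentException($"'{table}' is not a valid SQL identifier.", nameof(table));
        }

        if (valuesToAdd.Count == 0)
        {
            // The previous version produced "VALUES(@)" for an empty list, which is not valid SQL.
            throw new ArgumentException("At least one column is required.", nameof(valuesToAdd));
        }

        foreach (string column in valuesToAdd)
        {
            if (!IsPlainIdentifier(column))
            {
                throw new ArgumentException($"'{column}' is not a valid SQL identifier.", nameof(valuesToAdd));
            }
        }

        string columns = string.Join(",", valuesToAdd);
        string parameters = "@" + string.Join(",@", valuesToAdd);
        return $"INSERT INTO {table}({columns}) VALUES({parameters});";

        // Letters, digits and '_' only: no quotes, whitespace, comment markers or separators.
        static bool IsPlainIdentifier(string name) =>
            !string.IsNullOrEmpty(name) && name.All(ch => char.IsLetterOrDigit(ch) || ch == '_');
    }

    /// <summary>
    /// Verifies the token's signature (HMAC with <see cref="secretKey"/>), issuer, audience and
    /// lifetime. Any failure, including a malformed token, yields <c>false</c>.
    /// </summary>
    /// <param name="token">Compact JWS string from the request header.</param>
    /// <returns><c>true</c> only when every configured check passes.</returns>
    private static bool ValidateToken(string token)
    {
        var validationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidIssuer = "TimeLogServer",
            ValidAudience = "TimeLogWebsite",
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey)),
        };

        try
        {
            var handler = new JwtSecurityTokenHandler();
            handler.ValidateToken(token, validationParameters, out SecurityToken validatedToken);
            return validatedToken is not null;
        }
        catch (Exception ex) when (ex is SecurityTokenException or ArgumentException)
        {
            // Expired, wrong issuer/audience, bad signature and unparsable tokens all land here;
            // the caller treats them identically (no user), so no detail is surfaced.
            return false;
        }
    }

    /// <summary>
    /// Reads the <c>user</c> claim from the token <b>without</b> verifying it; callers must
    /// run <see cref="ValidateToken"/> first. Returns <c>""</c> when the claim is missing,
    /// empty, or the token cannot be parsed at all.
    /// </summary>
    /// <param name="token">Compact JWS string.</param>
    /// <returns>The claim value, or <c>""</c>.</returns>
    private static string GetUserFromToken(string token)
    {
        JwtSecurityToken jwt;
        try
        {
            jwt = new JwtSecurityTokenHandler().ReadJwtToken(token);
        }
        catch (Exception ex) when (ex is SecurityTokenException or ArgumentException)
        {
            // ReadJwtToken throws for empty or non-JWS input; treat that as "no user".
            return "";
        }

        string? usernameClaim = jwt.Claims.FirstOrDefault(c => c.Type == "user")?.Value;
        return string.IsNullOrEmpty(usernameClaim) ? "" : usernameClaim;
    }
}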