import error from '../error'
import response from '../response'
import model from '../model'
import authorization from './code'
import wrap from '../wrap'

module.exports = wrap(async (req, res, next) => {
  let clientId = null
  let redirectUri = null
  let responseType = null
  let grantTypes = []
  let scope = null
  let user = null

  if (!req.query.redirect_uri) {
    throw new error.InvalidRequest('redirect_uri field is mandatory for authorization endpoint')
  }

  redirectUri = req.query.redirect_uri
  console.debug('Parameter redirect uri is', redirectUri)

  if (!req.query.client_id) {
    throw new error.InvalidRequest('client_id field is mandatory for authorization endpoint')
  }

  // Check for client_secret (prevent passing it)
  if (req.query.client_secret) {
    throw new error.InvalidRequest('client_secret field should not be passed to the authorization endpoint')
  }

  clientId = req.query.client_id
  console.debug('Parameter client_id is', clientId)

  if (!req.query.response_type) {
    throw new error.InvalidRequest('response_type field is mandatory for authorization endpoint')
  }

  responseType = req.query.response_type
  console.debug('Parameter response_type is', responseType)

  // Support multiple types
  const responseTypes = responseType.split(' ')
  for (const i in responseTypes) {
    switch (responseTypes[i]) {
      case 'code':
        grantTypes.push('authorization_code')
        break
      case 'token':
        grantTypes.push('implicit')
        break
      // case 'id_token':
      case 'none':
        grantTypes.push(responseTypes[i])
        break
      default:
        throw new error.UnsupportedResponseType('Unknown response_type parameter passed')
    }
  }

  // Filter out duplicates
  grantTypes = grantTypes.filter(function (value, index, self) {
    return self.indexOf(value) === index
  })

  // "None" type cannot be combined with others
  if (grantTypes.length > 1 && grantTypes.indexOf('none') !== -1) {
    throw new error.InvalidRequest('Grant type "none" cannot be combined with other grant types')
  }

  console.debug('Parameter grant_type is', grantTypes.join(' '))

  const client = await req.oauth2.model.client.fetchById(clientId)
  if (!client) {
    throw new error.InvalidClient('Client not found')
  }

  // TODO: multiple redirect URI
  if (!req.oauth2.model.client.getRedirectUri(client)) {
    throw new error.UnsupportedResponseType('The client has not set a redirect uri')
  } else if (!req.oauth2.model.client.checkRedirectUri(client, redirectUri)) {
    throw new error.InvalidRequest('Wrong RedirectUri provided')
  }
  console.debug('redirect_uri check passed')

  // The client needs to support all grant types
  for (const i in grantTypes) {
    if (!req.oauth2.model.client.checkGrantType(client, grantTypes[i]) && grantTypes[i] !== 'none') {
      throw new error.UnauthorizedClient('This client does not support grant type ' + grantTypes[i])
    }
  }
  console.debug('Grant type check passed')

  scope = req.oauth2.model.client.transformScope(req.query.scope)
  scope = req.oauth2.model.client.checkScope(client, scope)
  if (!scope) {
    throw new error.InvalidScope('Client does not allow access to this scope')
  }
  console.debug('Scope check passed')

  user = await req.oauth2.model.user.fetchFromRequest(req)
  if (!user) {
    throw new error.InvalidRequest('There is no currently logged in user')
  } else {
    if (!user.username) {
      throw new error.Forbidden(user)
    }
    console.debug('User fetched from request')
  }

  let resObj = {}
  let consented = false

  if (req.method === 'GET') {
    if (client.verified === 1) {
      consented = true
    } else {
      consented = await model.user.consented(user.id, client.id, scope)
    }
  }

  // Ask for consent
  if (!consented) return req.oauth2.decision(req, res, client, scope, user, redirectUri)

  for (const i in grantTypes) {
    let data = null
    switch (grantTypes[i]) {
      case 'authorization_code':
        data = await authorization.Code(req, res, client, scope, user, redirectUri, !consented)

        resObj = Object.assign({ code: data }, resObj)

        break
      case 'implicit':
        data = await authorization.Implicit(req, res, client, scope, user, redirectUri, !consented)

        resObj = Object.assign({
          token_type: 'bearer',
          access_token: data,
          expires_in: req.oauth2.model.accessToken.ttl
        }, resObj)

        break
      case 'none':
        resObj = {}
        break
      default:
        throw new error.UnsupportedResponseType('Unknown response_type parameter passed')
    }
  }

  // Return non-code response types as fragment instead of query
  return response.data(req, res, resObj, redirectUri, responseType !== 'code')
}, true)