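import { InvalidRequest } from '../model/error';
import { data as dataResponse } from '../utils/response';
import wrap from '../utils/wrap';

/**
 * Token introspection handler.
 *
 * Reads client credentials from the request body (`client_id` and
 * `client_secret`) or, failing that, from an HTTP Basic `Authorization`
 * header, then looks up the access token given in `req.body.token` and
 * responds with its type, value and remaining lifetime in seconds.
 *
 * NOTE(review): the parsed client credentials are not checked against any
 * client store in this handler. Unless `wrap` or upstream middleware (not
 * visible here) authenticates the caller, any party that presents a token
 * value receives its metadata. The client should be verified before the
 * token lookup.
 *
 * @throws InvalidRequest when credentials or the token are missing or
 *   malformed, or when the token is unknown.
 */
export const introspection = wrap(async function (req, res) {
  let clientId: string | null = null;
  let clientSecret: string | null = null;
  const { oauth2 } = req;

  const bodyClientId: unknown = req.body.client_id;
  const bodyClientSecret: unknown = req.body.client_secret;

  // Only accept string credentials: a body parser may hand over arrays or
  // objects, which the previous `as string` casts silently mislabelled.
  if (
    typeof bodyClientId === 'string' &&
    bodyClientId &&
    typeof bodyClientSecret === 'string' &&
    bodyClientSecret
  ) {
    clientId = bodyClientId;
    clientSecret = bodyClientSecret;
    // The secret is deliberately kept out of the log line.
    console.debug('Client credentials parsed from body parameters ', clientId);
  } else {
    if (!req.headers || !req.headers.authorization) {
      throw new InvalidRequest('No authorization header passed');
    }

    const [scheme, encoded] = req.headers.authorization.split(' ', 2);
    if (scheme === undefined || encoded === undefined) {
      throw new InvalidRequest('Authorization header is corrupted');
    }
    if (scheme !== 'Basic') {
      throw new InvalidRequest(`Unsupported authorization method: ${scheme}`);
    }

    // Split on the FIRST colon only. `split(':', 2)` discards everything
    // after a second colon, which truncated secrets containing ':'.
    const decoded = Buffer.from(encoded, 'base64').toString('ascii');
    const separator = decoded.indexOf(':');
    if (separator === -1) {
      throw new InvalidRequest('Authorization header has corrupted data');
    }
    clientId = decoded.slice(0, separator);
    clientSecret = decoded.slice(separator + 1);
    // The secret is deliberately kept out of the log line.
    console.debug('Client credentials parsed from basic auth header: ', clientId);
  }

  // Parsed but not yet verified; see the NOTE(review) in the header comment.
  void clientSecret;

  // Require a non-empty string so that a structured value from the body
  // parser is never forwarded to the token store lookup.
  const rawToken: unknown = req.body.token;
  if (typeof rawToken !== 'string' || !rawToken) {
    throw new InvalidRequest('Token not provided in request body');
  }

  const token = await oauth2.model.accessToken.fetchByToken(rawToken);
  if (!token) {
    throw new InvalidRequest('Token does not exist');
  }

  // getTTL's result is divided by 1000 for `expires_in`, so it is
  // presumably milliseconds; confirm against the model.
  const ttl = oauth2.model.accessToken.getTTL(token);
  const resObj = {
    token_type: 'bearer',
    token: token.token,
    expires_in: Math.floor(ttl / 1000),
  };
  dataResponse(req, res, resObj);
});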