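// Package service implements a minimal OAuth2/OIDC login flow: /login redirects
// the browser to the provider, the callback exchanges the returned code for a
// token and stores it in a cookie, and the user endpoint forwards that token to
// a backing user service and relays the answer.
//
// NOTE(review): the original listing defined loginHandler, callbackHandler and
// userHandler twice each and ran provider/client setup as bare package-level
// statements (with `:=`, an undefined accessToken and an unimported log), none
// of which compiles. One definition of each handler is kept — the
// self-contained cookie-based userHandler; the earlier query-parameter variant
// referenced an undefined verifyJWT — and the setup statements are folded into
// newClient.
package service

import (
	"context"
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"io"
	"log"
	"net/http"
	"net/url"
	"time"

	"github.com/coreos/go-oidc"
	"golang.org/x/oauth2"
)

const (
	// issuerURL is the OIDC issuer used for discovery.
	issuerURL = "http://localhost:8080"
	// userServiceURL is the backing endpoint that returns the user record. The
	// endpoint shown in the original listing reads the token from an
	// access_token query parameter (see userHandler).
	userServiceURL = "http://localhost:8081/user"
	// stateCookieName carries the OAuth2 state between /login and the callback.
	stateCookieName = "oauth_state"
	// accessTokenCookieName holds the access token after a successful callback.
	accessTokenCookieName = "access_token"
	// stateTTL bounds how long a login attempt may stay pending.
	stateTTL = 10 * time.Minute
	// requestTimeout bounds every outbound HTTP call made by this package.
	requestTimeout = 10 * time.Second
	// maxUserBody caps how much of the user-service response is relayed to the
	// browser, so a misbehaving upstream cannot stream unbounded data through us.
	maxUserBody = 1 << 20
)

// cfg is the OAuth2 client configuration.
//
// The client ID/secret and endpoints are the placeholder values from the
// original listing. A real deployment must load the client secret from
// configuration or a secret store rather than embedding it in source, and
// RedirectURL must be https outside of local development.
var cfg = &oauth2.Config{
	ClientID:     "client_id",
	ClientSecret: "client_secret",
	RedirectURL:  "http://localhost:8080/callback",
	Scopes:       []string{"openid", "profile", "email"},
	Endpoint: oauth2.Endpoint{
		AuthURL:  "http://localhost:8080/authorize",
		TokenURL: "http://localhost:8080/token",
	},
}

// userClient is the shared client for calls to the user service. The original
// used http.Get, i.e. http.DefaultClient, which has no timeout, so a hung
// upstream would pin request goroutines indefinitely.
var userClient = &http.Client{Timeout: requestTimeout}

// newClient returns an http.Client whose outbound requests carry tok as a
// bearer token via oauth2.Transport.
//
// It discovers the provider at issuerURL and prefers the discovered endpoints
// over cfg's hard-coded ones. ctx bounds the discovery request and the token
// source. Errors are wrapped and returned instead of terminating the process,
// which is what the original package-level log.Fatalf did.
//
// NOTE(review): the original called provider.TokenSource, which I could not
// find on oidc.Provider; oauth2.Config.TokenSource is the equivalent static
// token source — confirm against the go-oidc version pinned in go.mod.
func newClient(ctx context.Context, tok *oauth2.Token) (*http.Client, error) {
	provider, err := oidc.NewProvider(ctx, issuerURL)
	if err != nil {
		return nil, fmt.Errorf("discovering OIDC provider %q: %w", issuerURL, err)
	}
	conf := *cfg
	conf.Endpoint = provider.Endpoint()
	return &http.Client{
		Timeout:   requestTimeout,
		Transport: &oauth2.Transport{Source: conf.TokenSource(ctx, tok)},
	}, nil
}

// newState returns a fresh, unguessable OAuth2 state value: 128 bits from
// crypto/rand, URL-safe base64 without padding (22 characters).
//
// The original passed the constant "state", which lets an attacker complete
// the login flow in a victim's browser with a code of the attacker's choosing;
// binding a random value to the browser via a cookie (see loginHandler and
// callbackHandler) closes that.
func newState() (string, error) {
	var b [16]byte
	if _, err := rand.Read(b[:]); err != nil {
		return "", fmt.Errorf("generating OAuth2 state: %w", err)
	}
	return base64.RawURLEncoding.EncodeToString(b[:]), nil
}

// loginHandler starts the authorization-code flow.
//
// It mints a random state, stores it in a short-lived HttpOnly cookie and
// redirects the browser to the provider's authorization URL carrying the same
// state. SameSite=Lax (not Strict) is required here: the provider sends the
// browser back to /callback in a top-level cross-site navigation, and a Strict
// cookie would not accompany it.
func loginHandler(w http.ResponseWriter, r *http.Request) {
	state, err := newState()
	if err != nil {
		log.Printf("login: %v", err)
		http.Error(w, "Login temporarily unavailable", http.StatusInternalServerError)
		return
	}
	http.SetCookie(w, &http.Cookie{
		Name:     stateCookieName,
		Value:    state,
		Path:     "/",
		MaxAge:   int(stateTTL / time.Second),
		HttpOnly: true,
		Secure:   r.TLS != nil,
		SameSite: http.SameSiteLaxMode,
	})
	// Named authURL rather than url to avoid shadowing the net/url package.
	authURL := cfg.AuthCodeURL(state, oauth2.AccessTypeOnline)
	http.Redirect(w, r, authURL, http.StatusFound)
}

// callbackHandler completes the authorization-code flow.
//
// It requires the state query parameter to match the state cookie set by
// loginHandler (constant-time compare, then the cookie is cleared), exchanges
// the code for a token using the request's context, stores the access token in
// an HttpOnly cookie and redirects to /. Provider errors are logged server-side
// and reported to the client generically; the original echoed err.Error(),
// which leaks endpoint and credential details to the browser.
//
// Secure is set only when this request arrived over TLS so the http://localhost
// RedirectURL from the listing keeps working; behind a TLS-terminating proxy
// r.TLS is nil and Secure must instead be derived from the proxy's headers.
func callbackHandler(w http.ResponseWriter, r *http.Request) {
	stateCookie, err := r.Cookie(stateCookieName)
	if err != nil || stateCookie.Value == "" ||
		subtle.ConstantTimeCompare([]byte(stateCookie.Value), []byte(r.URL.Query().Get("state"))) != 1 {
		http.Error(w, "Invalid state", http.StatusBadRequest)
		return
	}
	// The state is single-use; drop it so a replay of this callback fails.
	http.SetCookie(w, &http.Cookie{
		Name:     stateCookieName,
		Value:    "",
		Path:     "/",
		MaxAge:   -1,
		HttpOnly: true,
		Secure:   r.TLS != nil,
		SameSite: http.SameSiteLaxMode,
	})

	code := r.URL.Query().Get("code")
	if code == "" {
		http.Error(w, "Missing authorization code", http.StatusBadRequest)
		return
	}
	token, err := cfg.Exchange(r.Context(), code)
	if err != nil {
		log.Printf("callback: token exchange: %v", err)
		http.Error(w, "Token exchange failed", http.StatusBadRequest)
		return
	}

	c := &http.Cookie{
		Name:     accessTokenCookieName,
		Value:    token.AccessToken,
		Path:     "/",
		HttpOnly: true,
		Secure:   r.TLS != nil,
		SameSite: http.SameSiteLaxMode,
	}
	// Let the cookie lapse with the token when the provider told us its expiry.
	if !token.Expiry.IsZero() {
		c.Expires = token.Expiry
	}
	http.SetCookie(w, c)
	http.Redirect(w, r, "/", http.StatusFound)
}

// userHandler relays the caller's user record from the user service.
//
// Without an access_token cookie it redirects to /login. Otherwise it calls
// userServiceURL with the token, bounded by the request context and
// userClient's timeout, and copies at most maxUserBody bytes of a 200 response
// back to the browser as text/plain with nosniff, so upstream content cannot
// be sniffed into HTML. Upstream failures and non-200 answers are reported as
// 502 with a generic message instead of echoing err.Error().
//
// The token is sent as an access_token query parameter because that is the
// contract of the user endpoint in the original listing. Query-string tokens
// end up in proxy and server logs; if the user service can be changed, an
// Authorization: Bearer header is the preferable transport.
func userHandler(w http.ResponseWriter, r *http.Request) {
	tokenCookie, err := r.Cookie(accessTokenCookieName)
	if err != nil {
		http.Redirect(w, r, "/login", http.StatusFound)
		return
	}

	// url.Values escapes the token; plain concatenation as in the original
	// would corrupt the request for any token containing reserved characters.
	q := url.Values{"access_token": {tokenCookie.Value}}
	req, err := http.NewRequestWithContext(r.Context(), http.MethodGet, userServiceURL+"?"+q.Encode(), nil)
	if err != nil {
		log.Printf("user: building upstream request: %v", err)
		http.Error(w, "User service unavailable", http.StatusBadGateway)
		return
	}
	resp, err := userClient.Do(req)
	if err != nil {
		log.Printf("user: calling user service: %v", err)
		http.Error(w, "User service unavailable", http.StatusBadGateway)
		return
	}
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		log.Printf("user: user service returned %d", resp.StatusCode)
		http.Error(w, "User service error", http.StatusBadGateway)
		return
	}

	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	w.Header().Set("X-Content-Type-Options", "nosniff")
	if _, err := io.Copy(w, io.LimitReader(resp.Body, maxUserBody)); err != nil {
		// Headers are already out; nothing more can be reported to the client.
		log.Printf("user: relaying response: %v", err)
	}
}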