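import { randomUUID } from "node:crypto"

import { GrantAccessRequestBody, JWTService } from "sim-shared/aplication/JWT.service.js"
import { env } from "./env/index.js"
import { JWTHeader } from "sim-shared/domain/JWT.js"

// Path of the PEM file passed to JWTService as `privateKeyPath`.
// NOTE(review): presumably the RSA private key that signs the client assertion
// (alg is RS256 below) — confirm, and keep the file readable by the service user only.
const PRIVATE_KEY_PATH = env.OBJ_PEM_PATH

// OpenID Connect token endpoint of the GETWAY realm; the same endpoint is used for refresh.
const GET_TOKEN_URL = "https://idp.docapost.io/auth/realms/GETWAY/protocol/openid-connect/token"
const REFRESH_TOKEN_URL = GET_TOKEN_URL

// Lifetime of a freshly minted assertion: `exp` is set this many seconds after `iat`.
const ASSERTION_TTL_SECONDS = 5 * 60

// Form body of the token request: client_credentials grant, with the client
// authenticated by a JWT client assertion instead of a shared secret.
// NOTE(review): `client_assertion` is seeded from the environment here; presumably
// JWTService replaces it with a freshly signed assertion per request — confirm,
// because a static assertion kept in env would be a replayable credential until it expires.
const DEFAULT_BODY: GrantAccessRequestBody = {
  grant_type: "client_credentials",
  client_id: env.OBJ_CLIENT_ID,
  client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  client_assertion: env.OBJ_CLI_ASSERTION
}

// HTTP headers of the token request.
const DEFAULT_HEADERS = {
  "content-type": "application/x-www-form-urlencoded"
}

// JOSE header of the client assertion; `kid` tells the IdP which registered key to verify with.
const DEFAULT_HEADERS_JWT = {
  alg: "RS256",
  typ: "JWT",
  kid: env.OBJ_KID,
}

// Default claim set of the client assertion.
// NOTE(review): `jti` is evaluated once, at module load, so it is identical for every
// token minted by this process unless addIATHeaders overwrites it — confirm that
// JWTService always runs the transform on the payload.
// NOTE(review): `aud` here is the realm URL, while addIATHeaders sets the token
// endpoint URL — confirm which audience the IdP expects and align the two.
const DEFAULT_DATA_JWT = {
  sub: env.OBJ_CLIENT_ID,
  iss: env.OBJ_CLIENT_ID,
  aud: "https://idp.docapost.io/auth/realms/GETWAY",
  jti: Date.now().toString(),
}

/**
 * Returns a copy of `authHeaders` with the per-token claims added or overwritten:
 * `sub`, `iss`, `aud`, `jti`, `iat` and `exp`.
 *
 * The clock is read once so that `iat` and `exp` are always exactly
 * `ASSERTION_TTL_SECONDS` apart. `jti` is a random UUID rather than the
 * millisecond timestamp: two assertions minted in the same millisecond would
 * otherwise share a `jti`, and a server that enforces single use of `jti`
 * would treat the second one as a replay.
 *
 * NOTE(review): despite the name and the `transformJWTHeaders` hook it is wired
 * to, the values set here are JWT claims, not JOSE header fields — confirm that
 * JWTService applies this function to the payload.
 *
 * @param authHeaders - object whose own enumerable properties are copied first
 * @returns a new object; `authHeaders` is not mutated
 */
function addIATHeaders(authHeaders: Object) {
  const issuedAt = Math.floor(Date.now() / 1000)
  const headers = {
    ...authHeaders,
    sub: env.OBJ_CLIENT_ID,
    iss: env.OBJ_CLIENT_ID,
    aud: GET_TOKEN_URL,
    jti: randomUUID(),
    iat: issuedAt,
    exp: issuedAt + ASSERTION_TTL_SECONDS,
  }
  return headers
}

// Shared JWTService instance configured for the endpoints and defaults above.
export const jwtService = new JWTService({
  transformJWTHeaders: addIATHeaders,
  defaultHeaders: DEFAULT_HEADERS,
  defaultBody: DEFAULT_BODY,
  defaultJWTHeaders: DEFAULT_HEADERS_JWT,
  defaultJWTPayload: DEFAULT_DATA_JWT,
  privateKeyPath: PRIVATE_KEY_PATH,
  tokenUrl: GET_TOKEN_URL,
  refreshTokenUrl: REFRESH_TOKEN_URL
})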