package main

import (
	"context"
	"fmt"
	"log"
	"net/http"
	"os"
	"os/signal"
	"pkg/spamasaurusrex/pkg/graphhelper"
	"syscall"
	"time"

	_ "github.com/breml/rootcerts"
	"github.com/gorilla/mux"

	"github.com/davecgh/go-spew/spew"

    "github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
)

func handler(w http.ResponseWriter, r *http.Request) {
	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
	// redirectURI := "https://alias.spamasaurus.com/"
	scopes := []string{"email"}

	// confidential clients have a credential, such as a secret or a certificate
	cred, err := confidential.NewCredFromSecret("client_secret")
	if err != nil {
		// TODO: handle error
	}

	confidentialClient, err := confidential.New("https://login.microsoftonline.com/" + tenantId, clientId, cred)
	if err != nil {
		// TODO: handle error
	}

	result, err := confidentialClient.AcquireTokenSilent(context.TODO(), scopes)
	if err != nil {
		// cache miss, authenticate with another AcquireToken... method
		result, err = confidentialClient.AcquireTokenByCredential(context.TODO(), scopes)
		if err != nil {
			// TODO: handle error
		}
	}
	// accessToken := result.AccessToken
	w.Write([]byte(fmt.Sprintf("Hello, %s\n", spew.Sdump(result.AccessToken))))
}

func healthHandler(w http.ResponseWriter, r *http.Request) {
	w.WriteHeader(http.StatusOK)
}

func loginHandler(w http.ResponseWriter, r *http.Request) {
	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
	redirectURI := "https://alias.spamasaurus.com/"

	http.Redirect(w, r,
		"https://login.microsoftonline.com/"+tenantId+"/oauth2/v2.0/authorize?client_id="+clientId+"&response_type=code&redirect_uri="+redirectURI+"&scope=openid profile offline_access", http.StatusMovedPermanently)
}

func readinessHandler(w http.ResponseWriter, r *http.Request) {
	w.WriteHeader(http.StatusOK)
}

func main() {
	r := mux.NewRouter()

	r.HandleFunc("/", handler)
	r.HandleFunc("/health", healthHandler)
	r.HandleFunc("/login", loginHandler)
	r.HandleFunc("/readiness", readinessHandler)

	srv := &http.Server{
		Handler:      r,
		Addr:         ":8080",
		ReadTimeout:  10 * time.Second,
		WriteTimeout: 10 * time.Second,
	}

	// Start Server
	go func() {
		log.Println("Starting Server")
		if err := srv.ListenAndServe(); err != nil {
			log.Fatal(err)
		}
	}()

	// Graceful Shutdown
	waitForShutdown(srv)
}

func waitForShutdown(srv *http.Server) {
	interruptChan := make(chan os.Signal, 1)
	signal.Notify(interruptChan, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)

	// Block until we receive our signal.
	<-interruptChan

	// create a deadline to wait for.
	ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
	defer cancel()
	srv.Shutdown(ctx)

	log.Println("Shutting down")
	os.Exit(0)
}

func initializeGraph(graphHelper *graphhelper.GraphHelper) {
	err := graphHelper.InitializeGraphForUserAuth()
	if err != nil {
		log.Panicf("Error initializing Graph for user auth: %v\n", err)
	}
}

func displayAccessToken(graphHelper *graphhelper.GraphHelper) {
	token, err := graphHelper.GetUserToken()
	if err != nil {
		log.Panicf("Error getting user token: %v\n", err)
	}

	fmt.Printf("User token: %s", *token)
	fmt.Println()
}

func makeGraphCall(graphHelper *graphhelper.GraphHelper) {
	// TODO
}