//
//  tank
//
//  Import and Playlist Daemon for autoradio project
//
//
//  Copyright (C) 2017-2019 Christian Pointner <equinox@helsinki.at>
//
//  This file is part of tank.
//
//  tank is free software: you can redistribute it and/or modify
//  it under the terms of the GNU General Public License as published by
//  the Free Software Foundation, either version 3 of the License, or
//  any later version.
//
//  tank is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU General Public License for more details.
//
//  You should have received a copy of the GNU General Public License
//  along with tank. If not, see <http://www.gnu.org/licenses/>.
//

package auth

import (
	"errors"
	"net/http"
	"os"
	"strings"
	"time"
)

type SameSite http.SameSite

func (s SameSite) String() string {
	switch http.SameSite(s) {
	case http.SameSiteLaxMode:
		return "lax"
	case http.SameSiteStrictMode:
		return "strict"
	case http.SameSiteDefaultMode:
		return "default"
	}
	return "unset"
}

func (s *SameSite) fromString(str string) error {
	switch strings.ToLower(os.ExpandEnv(str)) {
	case "lax":
		*s = SameSite(http.SameSiteLaxMode)
	case "strict":
		*s = SameSite(http.SameSiteStrictMode)
	case "default":
		*s = SameSite(http.SameSiteDefaultMode)
	default:
		return errors.New("invalid same site policy: '" + str + "'")
	}
	return nil
}

func (s SameSite) MarshalText() (data []byte, err error) {
	data = []byte(s.String())
	return
}

func (s *SameSite) UnmarshalText(data []byte) (err error) {
	return s.fromString(string(data))
}

type SessionCookiesConfig struct {
	Secure   bool     `json:"secure" yaml:"secure" toml:"secure"`
	Path     string   `json:"path" yaml:"path" toml:"path"`
	Domain   string   `json:"domain" yaml:"domain" toml:"domain"`
	SameSite SameSite `json:"same-site" yaml:"same-site" toml:"same-site"`
}

type SessionsConfig struct {
	MaxAge  time.Duration        `json:"max-age" yaml:"max-age" toml:"max-age"`
	Cookies SessionCookiesConfig `json:"cookies" yaml:"cookies" toml:"cookies"`
}

type OIDCConfig struct {
	IssuerURL    string `json:"issuer-url" yaml:"issuer-url" toml:"issuer-url"`
	ClientID     string `json:"client-id" yaml:"client-id" toml:"client-id"`
	ClientSecret string `json:"client-secret" yaml:"client-secret" toml:"client-secret"`
	CallbackURL  string `json:"callback-url" yaml:"callback-url" toml:"callback-url"`
}

type Config struct {
	Sessions SessionsConfig `json:"sessions" yaml:"sessions" toml:"sessions"`
	OIDC     *OIDCConfig    `json:"oidc" yaml:"oidc" toml:"oidc"`
}

func (c *Config) ExpandEnv() {
	c.Sessions.Cookies.Path = os.ExpandEnv(c.Sessions.Cookies.Path)
	c.Sessions.Cookies.Domain = os.ExpandEnv(c.Sessions.Cookies.Domain)
	if c.OIDC != nil {
		c.OIDC.IssuerURL = os.ExpandEnv(c.OIDC.IssuerURL)
		c.OIDC.ClientID = os.ExpandEnv(c.OIDC.ClientID)
		c.OIDC.ClientSecret = os.ExpandEnv(c.OIDC.ClientSecret)
		c.OIDC.CallbackURL = os.ExpandEnv(c.OIDC.CallbackURL)
	}
}