using System.Security.Claims;
using System.Text.Encodings.Web;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Options;
using Microsoft.Net.Http.Headers;

namespace MoonlightServers.Daemon.Implementations.TokenScheme;

public class TokenSchemeHandler : AuthenticationHandler<TokenSchemeOptions>
{
    public const string SchemeName = "MoonlightServers.Token";
    
    public TokenSchemeHandler(
        IOptionsMonitor<TokenSchemeOptions> options,
        ILoggerFactory logger,
        UrlEncoder encoder
    ) : base(options, logger, encoder)
    {
    }

    protected override Task<AuthenticateResult> HandleAuthenticateAsync()
    {
        if (!Context.Request.Headers.TryGetValue(HeaderNames.Authorization, out var authHeaderValues))
            return Task.FromResult(AuthenticateResult.Fail("No authorization header present"));

        if (authHeaderValues.Count != 1)
            return Task.FromResult(AuthenticateResult.Fail("No authorization value present"));

        var authHeaderValue = authHeaderValues[0];

        if (string.IsNullOrEmpty(authHeaderValue))
            return Task.FromResult(AuthenticateResult.Fail("No authorization value present"));

        if (authHeaderValue != Options.Token)
            return Task.FromResult(AuthenticateResult.Fail("Invalid token provided"));

        return Task.FromResult(
            AuthenticateResult.Success(new AuthenticationTicket(
                new ClaimsPrincipal(new ClaimsIdentity([], nameof(TokenSchemeHandler))),
                nameof(TokenSchemeHandler)
            ))
        );
    }
}