import { getV2OpenGroupRoomByRoomId, saveV2OpenGroupRoom } from '../../../../data/opengroups';
import { callUtilsWorker } from '../../../../webworker/workers/util_worker_interface';
import { allowOnlyOneAtATime } from '../../../utils/Promise';
import { toHex } from '../../../utils/String';
import { getIdentityKeyPair, getOurPubKeyStrFromCache } from '../../../utils/User';
import { OpenGroupRequestCommonType, OpenGroupV2Request } from './ApiUtil';
import { sendApiV2Request } from './OpenGroupAPIV2';
import { parseStatusCodeFromOnionRequest } from './OpenGroupAPIV2Parser';

async function claimAuthToken(
  authToken: string,
  serverUrl: string,
  roomId: string
): Promise<string | null> {
  // Set explicitly here because is isn't in the database yet at this point
  const headers = { Authorization: authToken };
  const request: OpenGroupV2Request = {
    method: 'POST',
    headers,
    room: roomId,
    server: serverUrl,
    queryParams: { public_key: getOurPubKeyStrFromCache() },
    isAuthRequired: false,
    endpoint: 'claim_auth_token',
  };
  const result = await sendApiV2Request(request);
  const statusCode = parseStatusCodeFromOnionRequest(result);
  if (statusCode !== 200) {
    window?.log?.warn(`Could not claim token, status code: ${statusCode}`);
    return null;
  }
  return authToken;
}

async function oneAtATimeGetAuth({ serverUrl, roomId }: OpenGroupRequestCommonType) {
  return allowOnlyOneAtATime(`getAuthToken${serverUrl}:${roomId}`, async () => {
    try {
      // first try to fetch from db a saved token.
      const roomDetails = await getV2OpenGroupRoomByRoomId({ serverUrl, roomId });
      if (!roomDetails) {
        window?.log?.warn('getAuthToken Room does not exist.');
        return null;
      }

      if (roomDetails?.token) {
        return roomDetails.token;
      }

      window?.log?.info(
        `Triggering getAuthToken with serverUrl:'${serverUrl}'; roomId: '${roomId}'`
      );
      const token = await requestNewAuthToken({ serverUrl, roomId });

      if (!token) {
        window?.log?.warn('invalid new auth token', token);
        return;
      }

      window?.log?.info(`Got AuthToken for serverUrl:'${serverUrl}'; roomId: '${roomId}'`);
      const claimedToken = await claimAuthToken(token, serverUrl, roomId);

      if (!claimedToken) {
        window?.log?.warn('Failed to claim token', claimedToken);
      } else {
        window?.log?.info(`Claimed AuthToken for serverUrl:'${serverUrl}'; roomId: '${roomId}'`);
      }
      // still save it to the db. just to mark it as to be refreshed later
      roomDetails.token = claimedToken || '';
      await saveV2OpenGroupRoom(roomDetails);

      window?.log?.info(`AuthToken saved to DB for serverUrl:'${serverUrl}'; roomId: '${roomId}'`);

      return claimedToken;
    } catch (e) {
      window?.log?.error('Failed to getAuthToken', e);
      throw e;
    }
  });
}

export async function getAuthToken({
  serverUrl,
  roomId,
}: OpenGroupRequestCommonType): Promise<string | null> {
  return oneAtATimeGetAuth({ roomId, serverUrl });
}

// tslint:disable: member-ordering
export async function requestNewAuthToken({
  serverUrl,
  roomId,
}: OpenGroupRequestCommonType): Promise<string | null> {
  const userKeyPair = await getIdentityKeyPair();
  if (!userKeyPair) {
    throw new Error('Failed to fetch user keypair');
  }

  const ourPubkey = getOurPubKeyStrFromCache();
  const parameters = {} as Record<string, string>;
  parameters.public_key = ourPubkey;
  const request: OpenGroupV2Request = {
    method: 'GET',
    room: roomId,
    server: serverUrl,
    queryParams: parameters,
    isAuthRequired: false,
    endpoint: 'auth_token_challenge',
  };
  const json = (await sendApiV2Request(request)) as any;
  // parse the json
  if (!json || !json?.result?.challenge) {
    window?.log?.warn('Parsing failed');
    return null;
  }
  const {
    ciphertext: base64EncodedCiphertext,
    ephemeral_public_key: base64EncodedEphemeralPublicKey,
  } = json?.result?.challenge;

  if (!base64EncodedCiphertext || !base64EncodedEphemeralPublicKey) {
    window?.log?.warn('Parsing failed');
    return null;
  }
  const ciphertext = (await callUtilsWorker(
    'fromBase64ToArrayBuffer',
    base64EncodedCiphertext
  )) as ArrayBuffer;
  const ephemeralPublicKey = (await callUtilsWorker(
    'fromBase64ToArrayBuffer',
    base64EncodedEphemeralPublicKey
  )) as ArrayBuffer;
  try {
    const symmetricKey = (await callUtilsWorker(
      'deriveSymmetricKey',
      new Uint8Array(ephemeralPublicKey),
      new Uint8Array(userKeyPair.privKey)
    )) as ArrayBuffer;

    const plaintextBuffer = await callUtilsWorker(
      'DecryptAESGCM',
      new Uint8Array(symmetricKey),
      new Uint8Array(ciphertext)
    );

    const token = toHex(plaintextBuffer);

    return token;
  } catch (e) {
    window?.log?.error('Failed to decrypt token open group v2');
    return null;
  }
}