package auth

import (
	_ "embed"
	"encoding/json"
	"strings"

	"github.com/bluesky-social/indigo/atproto/auth/oauth"
)

// NOTE: if the server-side metadata changes, this file will also need to change.
//
//go:embed client-metadata.json
var metadataJson []byte

type ClientMetadata struct {
	ClientID                    string   `json:"client_id"`
	ClientName                  string   `json:"client_name"`
	SubjectType                 string   `json:"subject_type"`
	ClientURI                   string   `json:"client_uri"`
	RedirectURIs                []string `json:"redirect_uris"`
	GrantTypes                  []string `json:"grant_types"`
	ResponseTypes               []string `json:"response_types"`
	ApplicationType             string   `json:"application_type"`
	DpopBoundAccessTokens       bool     `json:"dpop_bound_access_tokens"`
	JwksURI                     string   `json:"jwks_uri"`
	Scope                       string   `json:"scope"`
	TokenEndpointAuthMethod     string   `json:"token_endpoint_auth_method"`
	TokenEndpointAuthSigningAlg string   `json:"token_endpoint_auth_signing_alg"`
}

func GetClientMetadata() ClientMetadata {
	var cm ClientMetadata
	json.Unmarshal(metadataJson, &cm)
	return cm
}

// GetClientConfig returns the OAuth client configuration for indigo
func GetClientConfig() oauth.ClientConfig {
	metadata := GetClientMetadata()

	// Split space-separated scopes from metadata into slice
	scopes := strings.Fields(metadata.Scope)

	return oauth.NewPublicConfig(
		metadata.ClientID,
		metadata.RedirectURIs[0],
		scopes,
	)
}