package io.cattle.platform.iaas.api.request.handler;

import io.cattle.platform.api.utils.ApiUtils;
import io.cattle.platform.core.addon.SecretReference;
import io.cattle.platform.core.constants.InstanceConstants;
import io.cattle.platform.core.dao.SecretDao;
import io.cattle.platform.core.dao.SecretDao.InstanceAndHost;
import io.cattle.platform.core.model.Secret;
import io.cattle.platform.framework.secret.SecretValue;
import io.cattle.platform.framework.secret.SecretsService;
import io.cattle.platform.json.JsonMapper;
import io.cattle.platform.object.ObjectManager;
import io.cattle.platform.object.util.DataAccessor;
import io.cattle.platform.token.TokenException;
import io.cattle.platform.token.TokenService;
import io.github.ibuildthecloud.gdapi.exception.ClientVisibleException;
import io.github.ibuildthecloud.gdapi.request.ApiRequest;
import io.github.ibuildthecloud.gdapi.request.handler.AbstractResponseGenerator;
import io.github.ibuildthecloud.gdapi.util.ResponseCodes;

import java.io.IOException;
import java.util.List;
import java.util.Map;

import javax.inject.Inject;

import org.apache.commons.lang3.StringUtils;

public class SecretsApiRequestHandler extends AbstractResponseGenerator {

    private String CONTENT_TYPE = "application/x-api-secrets-token";

    @Inject
    ObjectManager objectManager;
    @Inject
    TokenService tokenService;
    @Inject
    SecretDao secretDao;
    @Inject
    JsonMapper jsonMapper;
    @Inject
    SecretsService secretsService;

    @Override
    protected void generate(final ApiRequest request) throws IOException {
        if (!"secret".equals(request.getType()) || !"POST".equals(request.getMethod())) {
            return;
        }

        if (!CONTENT_TYPE.equalsIgnoreCase(request.getServletContext().getRequest().getContentType())) {
            return;
        }

        String token = request.proxyRequestObject(Secret.class).getValue();
        Map<String, Object> value = null;
        try {
            value = tokenService.getJsonPayload(token, false);
        } catch (TokenException e) {
            throw new ClientVisibleException(ResponseCodes.FORBIDDEN);
        }

        String uuid = DataAccessor.fromMap(value).withKey("uuid").as(String.class);
        if (StringUtils.isBlank(uuid)) {
            throw new ClientVisibleException(ResponseCodes.NOT_FOUND);
        }

        InstanceAndHost ih = secretDao.getHostForInstanceUUIDAndAuthAccount(ApiUtils.getPolicy().getAccountId(), uuid);
        if (ih == null) {
            throw new ClientVisibleException(ResponseCodes.NOT_FOUND);
        }

        List<SecretReference> secrets = DataAccessor.fieldObjectList(ih.instance, InstanceConstants.FIELD_SECRETS, SecretReference.class, jsonMapper);
        List<SecretValue> values = secretsService.getValues(secrets, ih.host);

        jsonMapper.writeValue(request.getOutputStream(), values);
        request.setResponseObject(new Object());
    }

}