package handler

import (
	"bufio"
	"bytes"
	"encoding/hex"
	"errors"
	"io"
	"net/http"
	"time"

	v4 "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4"
	errs "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/middleware"
	"github.com/aws/aws-sdk-go/aws/credentials"
)

const (
	chunkSignatureHeader = "chunk-signature="
	maxChunkSize         = 16 << 20
)

type (
	s3ChunkReader struct {
		reader       *bufio.Reader
		streamSigner *v4.StreamSigner

		requestTime time.Time
		buffer      []byte
		offset      int
		err         error
	}
)

var (
	errGiantChunk               = errors.New("chunk too big: choose chunk size <= 16MiB")
	errMalformedChunkedEncoding = errors.New("malformed chunked encoding")
)

func (c *s3ChunkReader) Close() (err error) {
	return nil
}

func (c *s3ChunkReader) Read(buf []byte) (num int, err error) {
	if c.offset > 0 {
		num = copy(buf, c.buffer[c.offset:])
		if num == len(buf) {
			c.offset += num
			return num, nil
		}
		c.offset = 0
		buf = buf[num:]
	}

	var size int
	for {
		b, err := c.reader.ReadByte()
		if err == io.EOF {
			err = io.ErrUnexpectedEOF
		}
		if err != nil {
			c.err = err
			return num, c.err
		}
		if b == ';' { // separating character
			break
		}

		// Manually deserialize the size since AWS specified
		// the chunk size to be of variable width. In particular,
		// a size of 16 is encoded as `10` while a size of 64 KB
		// is `10000`.
		switch {
		case b >= '0' && b <= '9':
			size = size<<4 | int(b-'0')
		case b >= 'a' && b <= 'f':
			size = size<<4 | int(b-('a'-10))
		case b >= 'A' && b <= 'F':
			size = size<<4 | int(b-('A'-10))
		default:
			c.err = errMalformedChunkedEncoding
			return num, c.err
		}
		if size > maxChunkSize {
			c.err = errGiantChunk
			return num, c.err
		}
	}

	// Now, we read the signature of the following payload and expect:
	//   chunk-signature=" + <signature-as-hex> + "\r\n"
	//
	// The signature is 64 bytes long (hex-encoded SHA256 hash) and
	// starts with a 16 byte header: len("chunk-signature=") + 64 == 80.
	var signature [80]byte
	_, err = io.ReadFull(c.reader, signature[:])
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		c.err = err
		return num, c.err
	}
	if !bytes.HasPrefix(signature[:], []byte(chunkSignatureHeader)) {
		c.err = errMalformedChunkedEncoding
		return num, c.err
	}
	b, err := c.reader.ReadByte()
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		c.err = err
		return num, c.err
	}
	if b != '\r' {
		c.err = errMalformedChunkedEncoding
		return num, c.err
	}
	b, err = c.reader.ReadByte()
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		c.err = err
		return num, c.err
	}
	if b != '\n' {
		c.err = errMalformedChunkedEncoding
		return num, c.err
	}

	if cap(c.buffer) < size {
		c.buffer = make([]byte, size)
	} else {
		c.buffer = c.buffer[:size]
	}

	// Now, we read the payload and compute its SHA-256 hash.
	_, err = io.ReadFull(c.reader, c.buffer)
	if err == io.EOF && size != 0 {
		err = io.ErrUnexpectedEOF
	}
	if err != nil && err != io.EOF {
		c.err = err
		return num, c.err
	}
	b, err = c.reader.ReadByte()
	if b != '\r' || err != nil {
		c.err = errMalformedChunkedEncoding
		return num, c.err
	}
	b, err = c.reader.ReadByte()
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		c.err = err
		return num, c.err
	}
	if b != '\n' {
		c.err = errMalformedChunkedEncoding
		return num, c.err
	}

	// Once we have read the entire chunk successfully, we verify
	// that the received signature matches our computed signature.

	calculatedSignature, err := c.streamSigner.GetSignature(nil, c.buffer, c.requestTime)
	if err != nil {
		c.err = err
		return num, c.err
	}
	if string(signature[16:]) != hex.EncodeToString(calculatedSignature) {
		c.err = errs.GetAPIError(errs.ErrSignatureDoesNotMatch)
		return num, c.err
	}

	// If the chunk size is zero we return io.EOF. As specified by AWS,
	// only the last chunk is zero-sized.
	if size == 0 {
		c.err = io.EOF
		return num, c.err
	}

	c.offset = copy(buf, c.buffer)
	num += c.offset
	return num, err
}

func newSignV4ChunkedReader(req *http.Request) (io.ReadCloser, error) {
	box, err := middleware.GetBoxData(req.Context())
	if err != nil {
		return nil, errs.GetAPIError(errs.ErrAuthorizationHeaderMalformed)
	}

	authHeaders, err := middleware.GetAuthHeaders(req.Context())
	if err != nil {
		return nil, errs.GetAPIError(errs.ErrAuthorizationHeaderMalformed)
	}

	currentCredentials := credentials.NewStaticCredentials(authHeaders.AccessKeyID, box.Gate.SecretKey, "")
	seed, err := hex.DecodeString(authHeaders.SignatureV4)
	if err != nil {
		return nil, errs.GetAPIError(errs.ErrSignatureDoesNotMatch)
	}

	reqTime, err := middleware.GetClientTime(req.Context())
	if err != nil {
		return nil, errs.GetAPIError(errs.ErrMalformedDate)
	}
	newStreamSigner := v4.NewStreamSigner(authHeaders.Region, "s3", seed, currentCredentials)

	return &s3ChunkReader{
		reader:       bufio.NewReader(req.Body),
		streamSigner: newStreamSigner,
		requestTime:  reqTime,
		buffer:       make([]byte, 64*1024),
	}, nil
}