package frostfsid

import (
	"context"
	"fmt"
	"strings"

	"git.frostfs.info/TrueCloudLab/frostfs-contract/frostfsid/client"
	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/middleware"
	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/authmate"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ns"
	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
	"github.com/nspcc-dev/neo-go/pkg/rpcclient"
	"github.com/nspcc-dev/neo-go/pkg/util"
	"github.com/nspcc-dev/neo-go/pkg/wallet"
)

type FrostFSID struct {
	cli *client.Client
}

type Config struct {
	// RPCAddress is an endpoint to connect to neo rpc.
	RPCAddress string

	// Contract is hash of contract or its name in NNS.
	Contract string

	// Key is used to interact with frostfsid contract.
	// If this is nil than random key will be generated.
	Key *keys.PrivateKey
}

var (
	_ middleware.FrostFSID = (*FrostFSID)(nil)
	_ authmate.FrostFSID   = (*FrostFSID)(nil)
)

// New creates new FrostfsID contract wrapper that implements auth.FrostFSID interface.
func New(ctx context.Context, cfg Config) (*FrostFSID, error) {
	contractHash, err := fetchContractHash(cfg)
	if err != nil {
		return nil, fmt.Errorf("resolve frostfs contract hash: %w", err)
	}

	key := cfg.Key
	if key == nil {
		if key, err = keys.NewPrivateKey(); err != nil {
			return nil, fmt.Errorf("generate anon private key for frostfsid: %w", err)
		}
	}

	rpcCli, err := rpcclient.New(ctx, cfg.RPCAddress, rpcclient.Options{})
	if err != nil {
		return nil, fmt.Errorf("init rpc client: %w", err)
	}

	cli, err := client.New(rpcCli, wallet.NewAccountFromPrivateKey(key), contractHash, nil)
	if err != nil {
		return nil, fmt.Errorf("init frostfsid client: %w", err)
	}

	return &FrostFSID{
		cli: cli,
	}, nil
}

func (f *FrostFSID) ValidatePublicKey(key *keys.PublicKey) error {
	_, err := f.cli.GetSubjectByKey(key)
	return err
}

func (f *FrostFSID) RegisterPublicKey(key *keys.PublicKey) error {
	_, err := f.cli.Wait(f.cli.CreateSubject(key))
	if err != nil && !strings.Contains(err.Error(), "subject already exists") {
		return err
	}

	return nil
}

func fetchContractHash(cfg Config) (util.Uint160, error) {
	if hash, err := util.Uint160DecodeStringLE(cfg.Contract); err == nil {
		return hash, nil
	}

	splitName := strings.Split(cfg.Contract, ".")
	if len(splitName) != 2 {
		return util.Uint160{}, fmt.Errorf("invalid contract name: '%s'", cfg.Contract)
	}

	var domain container.Domain
	domain.SetName(splitName[0])
	domain.SetZone(splitName[1])

	var nns ns.NNS
	if err := nns.Dial(cfg.RPCAddress); err != nil {
		return util.Uint160{}, fmt.Errorf("dial nns %s: %w", cfg.RPCAddress, err)
	}

	return nns.ResolveContractHash(domain)
}