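package main

import (
	"context"
	"fmt"
	"html/template"
	"log"
	"net"
	"net/http"
	"os"
	"os/signal"
	"strings"
	"syscall"
	"time"

	"github.com/gin-contrib/sessions"
	"github.com/gin-contrib/sessions/cookie"
	"github.com/gin-gonic/gin"
	"gorm.io/driver/sqlite"
	"gorm.io/gorm"

	"oidc-oauth2-server/config"
	"oidc-oauth2-server/handlers"
	"oidc-oauth2-server/middleware"
	"oidc-oauth2-server/models"
	"oidc-oauth2-server/services"
)

// Timeouts for the HTTP listener. Bounding header/body reads and idle
// keep-alive connections stops a slow or stalled client from pinning a
// connection indefinitely; the shutdown timeout bounds how long in-flight
// requests may run once a stop signal arrives.
const (
	readHeaderTimeout = 10 * time.Second
	readTimeout       = 30 * time.Second
	writeTimeout      = 30 * time.Second
	idleTimeout       = 120 * time.Second
	shutdownTimeout   = 10 * time.Second

	// sessionCookieMaxAge keeps the 30-day lifetime the cookie store uses
	// when no options are set, so existing sessions behave as before.
	sessionCookieMaxAge = 86400 * 30
)

// main wires configuration, storage, services and HTTP routes together and
// runs the OIDC/OAuth2 server until it fails or is asked to stop.
func main() {
	if err := config.Init(); err != nil {
		log.Fatalf("Failed to initialize config: %v", err)
	}

	db, err := openDatabase(config.GlobalConfig.Database.Path)
	if err != nil {
		log.Fatalf("Failed to connect to database: %v", err)
	}

	if err := models.AutoMigrate(db); err != nil {
		log.Fatalf("Failed to run database migrations: %v", err)
	}

	r, err := newRouter(db)
	if err != nil {
		log.Fatalf("Failed to initialize router: %v", err)
	}

	// JoinHostPort brackets IPv6 literals correctly; Sprint keeps working
	// whatever integer type the port is declared as.
	addr := net.JoinHostPort(config.GlobalConfig.Server.Host, fmt.Sprint(config.GlobalConfig.Server.Port))
	log.Printf("Starting server on %s", addr)
	if err := serve(newServer(addr, r)); err != nil {
		log.Fatalf("Failed to start server: %v", err)
	}
}

// openDatabase opens the SQLite database at path with gorm's default config.
// It does not run migrations; the caller does that once the handle is usable.
func openDatabase(path string) (*gorm.DB, error) {
	db, err := gorm.Open(sqlite.Open(path), &gorm.Config{})
	if err != nil {
		return nil, fmt.Errorf("opening sqlite database %q: %w", path, err)
	}
	return db, nil
}

// newSessionStore builds the cookie-backed session store used by the login
// and admin flows.
//
// The cookie attributes are set explicitly: HttpOnly keeps the session
// cookie away from page scripts, SameSite=Lax blocks cross-site POSTs from
// carrying it while still allowing the top-level redirects OAuth relies on,
// and Secure is derived from the issuer scheme so a plain-HTTP development
// issuer still receives the cookie.
//
// NOTE(review): the JWT signing key doubles as the cookie HMAC key, and with
// a single key pair the cookie is signed but not encrypted. A dedicated
// session secret (and an optional second key to enable encryption) would
// separate the two trust domains; that needs a config field this file does
// not define, so it is left as-is here.
func newSessionStore() sessions.Store {
	store := cookie.NewStore([]byte(config.GlobalConfig.JWT.SigningKey))

	issuer := strings.ToLower(config.GlobalConfig.OAuth.IssuerURL)
	secure := strings.HasPrefix(issuer, "https://")

	store.Options(sessions.Options{
		Path:     "/",
		MaxAge:   sessionCookieMaxAge,
		HttpOnly: true,
		Secure:   secure,
		SameSite: http.SameSiteLaxMode,
	})
	return store
}

// newRouter builds the service and handler layers on top of db and registers
// every HTTP route on a gin engine. It returns an error only when a service
// cannot be constructed.
func newRouter(db *gorm.DB) (*gin.Engine, error) {
	authService := services.NewAuthService(db)
	oauthService, err := services.NewOAuthService(db)
	if err != nil {
		return nil, fmt.Errorf("initializing OAuth service: %w", err)
	}
	clientService := services.NewClientService(db)
	tokenService := services.NewTokenService(db, oauthService.GetKeyManager())
	adminService := services.NewAdminService(db)

	r := gin.Default()

	// Template helpers must be registered before the templates are parsed.
	r.SetFuncMap(template.FuncMap{
		"subtract": func(a, b int) int { return a - b },
		"add":      func(a, b int) int { return a + b },
	})
	r.LoadHTMLGlob("templates/*")

	r.Use(sessions.Sessions("oidc_session", newSessionStore()))

	r.GET("/health", func(c *gin.Context) {
		c.JSON(http.StatusOK, gin.H{
			"status": "ok",
		})
	})

	authHandler := handlers.NewAuthHandler(authService)
	oidcHandler := handlers.NewOIDCHandler(config.GlobalConfig.OAuth.IssuerURL, oauthService, authService)
	registrationHandler := handlers.NewRegistrationHandler(clientService)
	tokenHandler := handlers.NewTokenHandler(tokenService)
	adminHandler := handlers.NewAdminHandler(adminService)

	// End-user authentication.
	r.GET("/login", authHandler.ShowLogin)
	r.POST("/login", authHandler.HandleLogin)
	r.GET("/signup", authHandler.ShowSignup)
	r.POST("/signup", authHandler.HandleSignup)

	// OIDC endpoints. /userinfo is the only one guarded by bearer-token
	// middleware; the others authenticate inside their handlers or are public.
	r.GET("/.well-known/openid-configuration", oidcHandler.OpenIDConfiguration)
	r.GET("/authorize", oidcHandler.Authorize)
	r.POST("/token", oidcHandler.Token)
	r.GET("/userinfo", middleware.BearerAuth(oauthService.GetKeyManager(), db), oidcHandler.Userinfo)
	r.GET("/jwks", oidcHandler.JWKS)

	// Dynamic client registration.
	r.POST("/register", registrationHandler.Register)
	r.GET("/register/:client_id", registrationHandler.GetClient)
	r.PUT("/register/:client_id", registrationHandler.UpdateClient)
	r.DELETE("/register/:client_id", registrationHandler.DeleteClient)

	// Token management.
	r.POST("/revoke", tokenHandler.Revoke)
	r.POST("/introspect", tokenHandler.Introspect)

	// Admin console: login is open, everything else requires an admin session.
	admin := r.Group("/admin")
	{
		admin.GET("/login", adminHandler.ShowAdminLogin)
		admin.POST("/login", adminHandler.HandleAdminLogin)

		authorized := admin.Group("/")
		authorized.Use(middleware.AdminAuthRequired())
		{
			authorized.GET("/dashboard", adminHandler.Dashboard)
			authorized.GET("/users", adminHandler.ListUsers)
			authorized.GET("/clients", adminHandler.ListClients)
		}
	}

	return r, nil
}

// newServer wraps handler in an http.Server listening on addr with explicit
// read, write and idle timeouts. gin's Engine.Run sets none of these.
func newServer(addr string, handler http.Handler) *http.Server {
	return &http.Server{
		Addr:              addr,
		Handler:           handler,
		ReadHeaderTimeout: readHeaderTimeout,
		ReadTimeout:       readTimeout,
		WriteTimeout:      writeTimeout,
		IdleTimeout:       idleTimeout,
	}
}

// serve runs srv until ListenAndServe fails or the process receives SIGINT or
// SIGTERM. On a signal it drains in-flight requests for up to shutdownTimeout
// and returns the Shutdown result; a listener failure is returned directly.
func serve(srv *http.Server) error {
	ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGTERM)
	defer stop()

	// Buffered so the goroutine can exit even if we return via ctx.Done().
	errCh := make(chan error, 1)
	go func() {
		errCh <- srv.ListenAndServe()
	}()

	select {
	case err := <-errCh:
		return err
	case <-ctx.Done():
	}

	shutdownCtx, cancel := context.WithTimeout(context.Background(), shutdownTimeout)
	defer cancel()
	return srv.Shutdown(shutdownCtx)
}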