package middleware

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

type Header struct {
	Typ string `json:"typ"`
	Alg string `json:"alg"`
}

type Payload struct {
	Sub  string `json:"sub"`
	Name string `json:"name"`
	Iat  int64  `json:"iat"`
}

func base64Encode(src []byte) string {
	return strings.TrimRight(base64.URLEncoding.EncodeToString(src), "=")
}

func createToken(sub, name string, iat int64) (string, error) {
	header := Header{
		Typ: "JWT",
		Alg: "HS256",
	}
	payload := Payload{
		Sub:  sub,
		Name: name,
		Iat:  iat,
	}

	headerJson, err := json.Marshal(header)
	if err != nil {
		return "", err
	}
	payloadJson, err := json.Marshal(payload)
	if err != nil {
		return "", err
	}

	encodedHeader := base64Encode(headerJson)
	encodedPayload := base64Encode(payloadJson)

	return fmt.Sprintf("%s.%s", encodedHeader, encodedPayload), nil
}

func signToken(token, secret string) (string, error) {
	signature := hmac.New(sha256.New, []byte(secret))
	_, err := signature.Write([]byte(token))
	if err != nil {
		return "", err
	}

	return base64Encode(signature.Sum(nil)), nil
}

func verifyToken(jwt, secret string) bool {
	parts := strings.Split(jwt, ".")
	if len(parts) != 3 {
		return false
	}

	signature, err := signToken(fmt.Sprintf("%s.%s", parts[0], parts[1]), secret)
	if err != nil {
		return false
	}

	return signature == parts[2]
}