package org.egl_cepgl.pm.jwt;

import lombok.extern.slf4j.Slf4j;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtClaimNames;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
import org.springframework.stereotype.Component;

import java.util.*;
import java.util.stream.Collectors;
import java.util.stream.Stream;

@Slf4j
@Component
public class JwtConverter implements Converter<Jwt, CustomJwt>
{
    @Override
    public CustomJwt convert(Jwt source) {
        List<GrantedAuthority> grantedAuthorityList= extractAuthorities(source);
        var customJwt= new CustomJwt(source, grantedAuthorityList);
        customJwt.setEmail(source.getClaimAsString("email"));
        return customJwt;
    }

    private List<GrantedAuthority> extractAuthorities(Jwt source)
    {
        var result= new ArrayList<GrantedAuthority>();
        var realm_access= source.getClaimAsMap("realm_access");
        var resourceAccess = source.getClaimAsMap("resource_access");
        if(realm_access != null && realm_access.get("roles") != null){
            var roles = realm_access.get("roles");
            if(roles instanceof List l){
                l.forEach(role -> {
                    result.add(new SimpleGrantedAuthority("ROLE_"+role));
                });
            }
        }
        if(resourceAccess != null && resourceAccess.get("egl_pm") != null){
            var client = (Map<String, Object>) resourceAccess.get("egl_pm");
            if(resourceAccess != null && client.get("roles") != null){
                var croles = client.get("roles");
                if(croles instanceof List l){
                    l.forEach(role -> {
                        result.add(new SimpleGrantedAuthority("ROLE_"+role));
                    });
                }
            }
        }
        log.info("BVDDDDDDDDD++++"+result.toString());
        return result;
    }
}



//    private Collection<? extends GrantedAuthority> extractResourceRoles(Jwt jwt) {
//        Map<String, Object> resourceAccess = jwt.getClaim("resource_access");
//        Map<String, Collection<String>> realmAccess = jwt.getClaim("realm_access");
//        Map<String, Object> resource;
//        Collection<String> resourceRoles;
//
//        if (resourceAccess == null
//                || (resource = (Map<String, Object>) resourceAccess.get(properties.getResourceId())) == null
//                || (resourceRoles = (Collection<String>) resource.get("roles")) == null) {
//            return Set.of();
//        }
////        realmAccess.get("roles").forEach(role -> {
////            resourceRoles.add(role);
////        });
//        log.info("BVDDDDDDDDDD==="+realmAccess.get("roles").toString());
//        log.info("BVDDDDDDDDD==="+resourceRoles.toString());
//        return resourceRoles.stream()
//                .map(role -> new SimpleGrantedAuthority("ROLE_" + role))
//                .collect(Collectors.toSet());
//    }