package middleware

import (
	"q5"
	"f5"
	"mt"
	"fmt"
	"github.com/gin-gonic/gin"
)

/*
	'Authorization Bearer {JwtToken}'
*/
func JwtAuth(c *gin.Context) {
	tokenHeader := c.Request.Header.Get("Authorization")
	jwtToken := ""
	if len(tokenHeader) < 8 {
		jwtToken = tokenHeader[8:len(tokenHeader)]
	}

	params := map[string]string{
		"c": "Jwt",
		"a": "verify",
	}
	jsonReqObj := &struct {
		JwksUri string `json:"jwksUri"`
		Data string `json:"data"`
	}{
		JwksUri: mt.Table.Config.GetJwksUri(),
		Data: jwtToken,
	}
	jsonRspObj := &struct {
		ErrCode interface{} `json:"errcode"`
		ErrMsg string `json:"errmsg"`
		Decoded struct {
			Sub string `json:"sub"`
			Email string `json:"email"`
			EmailVerified bool `json:"email_verified"`
			Sid string `json:"sid"`
		} `json:"decoded"`
	}{}
	rspObj := &struct {
		ErrCode interface{} `json:"errcode"`
		ErrMsg string `json:"errmsg"`
	}{}
	paramsStr := q5.EncodeJson(jsonReqObj)
	url := fmt.Sprintf("%s/webapp/index.php", mt.Table.Web3ServiceCluster.RandElement().GetUrl())
	f5.GetHttpCliMgr().SendGoStyleJsonRspPost(
		url,
		params,
		jsonRspObj,
		q5.HTTP_HEADER_JSON,
		paramsStr,
		func(rsp f5.HttpCliResponse) {
			if rsp.GetErr() != nil ||
				!rsp.JsonParseOk() {
				rspObj.ErrCode = 500
				rspObj.ErrMsg = "server internal error"
				c.JSON(200, rspObj)
				c.Abort()
				return
			}
			rspObj.ErrCode = q5.SafeToInt32(jsonRspObj.ErrCode)
			rspObj.ErrMsg = jsonRspObj.ErrMsg
			if rspObj.ErrCode != 0 {
				rspObj.ErrCode = 501
				rspObj.ErrMsg = "jwt error"
				c.JSON(200, rspObj)
				c.Abort()
				return
			}
			c.Set("open_id", jsonRspObj.Decoded.Sub)
			c.Next()
		})
}