using System.Security.Cryptography;
using Microsoft.AspNetCore.WebUtilities;

namespace Foxchat.Identity.Database.Models;

public class Application : BaseModel
{
    public required string ClientId { get; init; }
    public required string ClientSecret { get; init; }
    public required string Name { get; init; }
    public required string[] Scopes { get; init; }

    public static Application Create(string name, string[] scopes)
    {
        var clientId = RandomNumberGenerator.GetHexString(16, true);
        var clientSecretBytes = RandomNumberGenerator.GetBytes(48);
        var clientSecret = WebEncoders.Base64UrlEncode(clientSecretBytes);

        if (!scopes.All(s => Scope.ValidScopes.Contains(s)))
        {
            throw new ArgumentException("Invalid scopes passed to Application.Create", nameof(scopes));
        }

        return new Application
        {
            ClientId = clientId,
            ClientSecret = clientSecret,
            Name = name,
            Scopes = scopes,
        };
    }
}

public static class Scope
{
    /// <summary>
    /// OAuth scope for identifying a user and nothing else.
    /// </summary>
    public const string Identity = "identity";
    /// <summary>
    /// OAuth scope for a full chat client. This grants *full access* to an account.
    /// </summary>
    public const string ChatClient = "chat_client";

    public static readonly string[] ValidScopes = [Identity, ChatClient];
}