package com.nebula.erp.inventory.utility;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.impl.TextCodec;
import org.springframework.http.HttpHeaders;
import org.springframework.stereotype.Component;
import java.util.List;
import java.util.Map;

@Component
public class JwtUtils {

    // Method to extract tenant name from JWT token
    public String getTenantName(String token) {
        Claims claims = extractAllClaims(token);

        // Ensure "active_orgs" is of type Map
        Object activeOrgsObj = claims.get("active_orgs");
        if (activeOrgsObj instanceof Map) {
            Map<String, Object> activeOrgs = (Map<String, Object>) activeOrgsObj;

            // Ensure "attribute" is of type Map
            Object attributeObj = activeOrgs.get("attribute");
            if (attributeObj instanceof Map) {
                Map<String, Object> attribute = (Map<String, Object>) attributeObj;

                // Ensure "ehrnTenant" is a List
                Object ehrnTenantObj = attribute.get("ehrnTenant");
                if (ehrnTenantObj instanceof List) {
                    List<?> tenantList = (List<?>) ehrnTenantObj;
                    if (!tenantList.isEmpty()) {
                        return tenantList.get(0).toString(); // Return the first tenant name
                    }
                }
            }
        }
        return ""; // Return an empty string if not found
    }

    // Method to extract user id from JWT token
    public String getUserId(String token) {
        Claims claims = extractAllClaims(token);
        return claims.get("sub").toString();
    }

    // Method to check if the token has expired
    public boolean isTokenExpired(String token) {
        final Claims claims = extractAllClaims(token);
        return claims.getExpiration().before(new java.util.Date());
    }

    // Extract claims from JWT token without signature validation
    private Claims extractAllClaims(String token) {
        // Split the JWT into parts (header, payload, signature)
        String[] parts = token.split("\\.");
        if (parts.length != 3) {
            throw new IllegalArgumentException("Invalid JWT token format");
        }

        // Decode the payload (the second part) to extract claims
        String payload = TextCodec.BASE64URL.decodeToString(parts[1]);

        // Use Jwts.parser() but skip signature validation
        return Jwts.parser()
                .parseClaimsJwt(parts[0] + "." + parts[1] + ".") // Skip the signature (third part)
                .getBody();
    }

    // Retrieve token from Authorization header
    public String extractTokenFromHeaders(HttpHeaders headers) {
        String bearerToken = headers.getFirst(HttpHeaders.AUTHORIZATION);
        if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
            return bearerToken.substring(7); // Remove "Bearer " prefix
        }
        return null;
    }
}