package sso

import (
	"context"
	"encoding/base64"
	"eta/eta_bridge/global"
	"eta/eta_bridge/logic/htfutures"
	"eta/eta_bridge/utils"
	"google.golang.org/grpc/codes"
	"google.golang.org/grpc/metadata"
	"google.golang.org/grpc/status"
)

type SSOService struct {
	UnimplementedSSOLoginServer
}

var (
	source = []string{"weapp"}
)

func (s *SSOService) Login(ctx context.Context, req *LoginRequest) (*LoginResponse, error) {
	// 获取AES秘钥
	md, ok := metadata.FromIncomingContext(ctx)
	if !ok {
		return nil, status.Errorf(codes.InvalidArgument, "元数据为空")
	}
	// 从元数据中提取签名相关的信息encrypted-aes-key
	encryptedAESKey, ok := md["key"]
	if !ok || len(encryptedAESKey) == 0 {
		return nil, status.Errorf(codes.InvalidArgument, "encryptedAESKey不能为空")
	}
	decryptedAESKey, err := base64Decode(encryptedAESKey[0])

	if err != nil {
		return nil, status.Errorf(codes.InvalidArgument, "base64解码AES秘钥失败")
	}
	//加密code
	encryptedCode, err := base64Decode(req.Code)
	if err != nil {
		return nil, status.Errorf(codes.InvalidArgument, "base64解码code失败")
	}
	if len(encryptedCode) == 0 {
		return &LoginResponse{
			ErrCode: 10001,
			ErrMsg:  "登录失败，code不能为空",
			Msg:     "登录失败",
		}, nil
	}
	privateKey, err := utils.ParsePrivateKeyFromPEM(global.CONFIG.HTFutures.PrivateKeyPemPath)
	if err != nil {
		return &LoginResponse{
			ErrCode: 10002,
			ErrMsg:  "登录失败，解析私钥失败",
			Msg:     "登录失败",
		}, nil
	}
	aesKey, err := utils.DecryptWithRSA(privateKey, decryptedAESKey)
	if err != nil {
		return &LoginResponse{
			ErrCode: 10003,
			ErrMsg:  "登录失败，解密失败",
			Msg:     "登录失败",
		}, nil
	}
	code, err := utils.DecryptWithAES(aesKey, encryptedCode)
	if err != nil {
		return &LoginResponse{
			ErrCode: 10004,
			ErrMsg:  "登录失败，解析code失败",
			Msg:     "登录失败",
		}, nil
	}
	global.FILE_LOG.Info("传入参数code:%v", code)
	token, err := htfutures.GetToken(string(code), req.Source)
	if err != nil {
		return &LoginResponse{
			ErrCode: 10005,
			ErrMsg:  "登录失败，获取token失败",
			Msg:     "登录失败",
		}, nil
	}
	global.FILE_LOG.Info("返回的token结果集%v", token)
	user, err := htfutures.GetUserInfo(token, req.Source)
	if err != nil {
		return &LoginResponse{
			ErrCode: 10006,
			ErrMsg:  "登录失败，获取token失败",
			Msg:     "登录失败",
		}, nil
	}
	global.FILE_LOG.Info("返回的userInfo结果集%v", user)
	return &LoginResponse{
		Msg: "登录成功",
		Data: &UserInfo{
			Name:     user.Name,
			UserId:   user.UserId,
			Username: user.Username,
		},
	}, nil
}

func base64Encode(data []byte) string {
	return base64.StdEncoding.EncodeToString(data)
}

// Base64Decode 对数据进行 Base64 解码
func base64Decode(data string) ([]byte, error) {
	return base64.StdEncoding.DecodeString(data)
}