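using System.Security.Cryptography;
using IdentityShroud.Core.Contracts;
using IdentityShroud.Core.Messages;
using IdentityShroud.Core.Model;
using IdentityShroud.Core.Security;
using Microsoft.AspNetCore.WebUtilities;

namespace IdentityShroud.Api.Mappers;

/// <summary>
/// Maps stored realm signing keys to their public JSON Web Key (JWK) form.
/// </summary>
/// <remarks>
/// The private key is decrypted through the injected <see cref="IEncryptionService"/>
/// only so the key can be loaded. Only the public RSA parameters (modulus and
/// exponent) are copied into the resulting JWK.
/// </remarks>
public class KeyMapper(IEncryptionService encryptionService)
{
    // JWK "kty" value for RSA keys (RFC 7518, section 6.1); also the stored
    // RealmKey.KeyType value this mapper recognises.
    private const string RsaKeyType = "RSA";

    /// <summary>
    /// Builds the public JWK for a single realm key.
    /// </summary>
    /// <param name="realmKey">The stored key to convert.</param>
    /// <returns>
    /// A signing ("sig") JWK holding only public parameters, or <c>null</c> when
    /// the key type is not supported (anything other than "RSA").
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="realmKey"/> is null.</exception>
    public JsonWebKey? KeyToJsonWebKey(RealmKey realmKey)
    {
        ArgumentNullException.ThrowIfNull(realmKey);

        // Reject unsupported key types before any private key material is decrypted.
        if (realmKey.KeyType != RsaKeyType)
        {
            return null;
        }

        // NOTE(review): GetPrivateKey hands back decrypted PKCS#8 material; its type
        // and lifetime are not visible from this file. Confirm the buffer is cleared
        // once the key has been loaded.
        using var rsa = RsaHelper.LoadFromPkcs8(realmKey.GetPrivateKey(encryptionService));

        // includePrivateParameters: false keeps D, P, Q and the CRT values out of the
        // exported structure, so nothing private can reach the published key set.
        RSAParameters publicParameters = rsa.ExportParameters(includePrivateParameters: false);

        return new JsonWebKey
        {
            KeyId = realmKey.Id.ToString(),
            Use = "sig",
            // "kty" identifies the key family, not a signature algorithm.
            // rsa.SignatureAlgorithm is implementation-defined (some RSA subclasses
            // return an XML-DSig URI), so the fixed identifier is used instead.
            KeyType = RsaKeyType,
            Exponent = WebEncoders.Base64UrlEncode(publicParameters.Exponent!),
            Modulus = WebEncoders.Base64UrlEncode(publicParameters.Modulus!),
        };
    }

    /// <summary>
    /// Builds a JWK set from a sequence of realm keys, skipping unsupported key types.
    /// </summary>
    /// <param name="keys">The stored keys to publish.</param>
    /// <returns>A key set containing one public JWK per supported key.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="keys"/> is null.</exception>
    public JsonWebKeySet KeyListToJsonWebKeySet(IEnumerable<RealmKey> keys)
    {
        ArgumentNullException.ThrowIfNull(keys);

        JsonWebKeySet keySet = new();
        foreach (RealmKey key in keys)
        {
            // KeyToJsonWebKey returns null for unsupported key types; leave those out
            // rather than publishing an incomplete entry.
            if (KeyToJsonWebKey(key) is { } webKey)
            {
                keySet.Keys.Add(webKey);
            }
        }

        return keySet;
    }
}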