<?php

declare(strict_types=1);

namespace App\Http\Controllers\Admin;

use App\Http\Controllers\Controller;
use App\Models\PreregistrationPage;
use App\Services\WeeztixService;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
use RuntimeException;

class WeeztixOAuthController extends Controller
{
    public function redirect(PreregistrationPage $page): RedirectResponse
    {
        $this->authorize('update', $page);

        $page->load('weeztixConfig');
        $config = $page->weeztixConfig;
        if ($config === null) {
            return redirect()
                ->route('admin.pages.weeztix.edit', $page)
                ->with('error', __('Sla eerst je client ID en client secret op.'));
        }

        $clientId = $config->client_id;
        if (! is_string($clientId) || $clientId === '') {
            return redirect()
                ->route('admin.pages.weeztix.edit', $page)
                ->with('error', __('Vul een geldige Weeztix client ID in.'));
        }

        $state = Str::random(40);
        session([
            'weeztix_oauth_state' => $state,
            'weeztix_page_id' => $page->id,
        ]);

        $redirectUri = $config->redirect_uri;
        if (! is_string($redirectUri) || $redirectUri === '') {
            $redirectUri = route('admin.weeztix.callback', absolute: true);
        }

        $query = http_build_query([
            'client_id' => $clientId,
            'redirect_uri' => $redirectUri,
            'response_type' => 'code',
            'state' => $state,
        ]);

        $authorizeUrl = config('weeztix.oauth_authorize_url');

        return redirect()->away($authorizeUrl.'?'.$query);
    }

    public function callback(Request $request): RedirectResponse
    {
        if ($request->filled('error')) {
            Log::warning('Weeztix OAuth provider error', [
                'error' => $request->string('error')->toString(),
                'description' => $request->string('error_description')->toString(),
            ]);

            return $this->redirectToWeeztixEditWithSessionPage(__('Weeztix heeft de verbinding geweigerd. Probeer opnieuw.'));
        }

        $request->validate([
            'state' => ['required', 'string'],
            'code' => ['required', 'string'],
        ]);

        $storedState = session('weeztix_oauth_state');
        $pageId = session('weeztix_page_id');
        if (! is_string($storedState) || $storedState === '' || ($pageId === null || (! is_int($pageId) && ! is_numeric($pageId)))) {
            return redirect()
                ->route('admin.dashboard')
                ->with('error', __('Ongeldige OAuth-sessie. Start opnieuw vanaf de Weeztix-pagina.'));
        }

        if ($request->string('state')->toString() !== $storedState) {
            abort(403, 'Invalid OAuth state');
        }

        $page = PreregistrationPage::query()->findOrFail((int) $pageId);
        $this->authorize('update', $page);

        $config = $page->weeztixConfig;
        if ($config === null) {
            session()->forget(['weeztix_oauth_state', 'weeztix_page_id']);

            return redirect()
                ->route('admin.pages.weeztix.edit', $page)
                ->with('error', __('Geen Weeztix-configuratie gevonden voor deze pagina.'));
        }

        try {
            $service = new WeeztixService($config);
            $service->exchangeAuthorizationCode($request->string('code')->toString());
            $config = $config->fresh();
            if ($config !== null) {
                (new WeeztixService($config))->ensureCompanyStoredFromWeeztix();
            }
        } catch (RuntimeException $e) {
            Log::error('Weeztix OAuth callback failed', [
                'page_id' => $page->id,
                'message' => $e->getMessage(),
            ]);

            session()->forget(['weeztix_oauth_state', 'weeztix_page_id']);

            return redirect()
                ->route('admin.pages.weeztix.edit', $page)
                ->with('error', __('Verbinden met Weeztix is mislukt. Controleer je gegevens en probeer opnieuw.'));
        }

        session()->forget(['weeztix_oauth_state', 'weeztix_page_id']);

        return redirect()
            ->route('admin.pages.weeztix.edit', $page)
            ->with('status', __('Succesvol verbonden met Weeztix.'));
    }

    private function redirectToWeeztixEditWithSessionPage(string $message): RedirectResponse
    {
        $pageId = session('weeztix_page_id');
        session()->forget(['weeztix_oauth_state', 'weeztix_page_id']);

        if (is_int($pageId) || is_numeric($pageId)) {
            $page = PreregistrationPage::query()->find((int) $pageId);
            if ($page !== null) {
                return redirect()
                    ->route('admin.pages.weeztix.edit', $page)
                    ->with('error', $message);
            }
        }

        return redirect()
            ->route('admin.dashboard')
            ->with('error', $message);
    }
}