import axios from 'axios';
import dotenv from 'dotenv';

dotenv.config();

const KEYCLOAK_URL = process.env.KEYCLOAK_URL || 'https://auth.mrx8086.com';
const NEXTCLOUD_CLIENT_ID = process.env.NEXTCLOUD_CLIENT_ID || 'nextcloud';
const TESTADMIN_USERNAME = "testadmin@mrx8086.com";
const TESTADMIN_PASSWORD = process.env.TESTADMIN_PASSWORD;
const REALM_NAME = 'office-automation';
const CLIENT_SECRET = process.env.KEYCLOAK_NEXTCLOUD_CLIENT_SECRET;

// Hilfsfunktion für API-Fehlerbehandlung
const handleAxiosError = (error, operation, config, response) => {
     console.error(`Error during ${operation}:`);
    if (config) {
      console.error('Request:', {
          method: config.method,
          url: config.url,
          headers: config.headers,
          data: config.data,
      });
    }
    if (error.response) {
        console.error('Response:', {
            status: error.response.status,
            data: error.response.data
        });
    } else {
        console.error('Error Message:', error.message);
    }
    throw error;
};

// Funktion um den Access Token abzufragen
async function getAccessToken(username, password) {
  try {
    const response = await axios.post(
      `${KEYCLOAK_URL}/realms/${REALM_NAME}/protocol/openid-connect/token`,
      new URLSearchParams({
        client_id: NEXTCLOUD_CLIENT_ID,
        client_secret: CLIENT_SECRET,
        grant_type: 'password',
        username: username,
        password: password,
      }),
      {
        headers: {
          'Content-Type': 'application/x-www-form-urlencoded',
        },
      }
    );
    return response.data.access_token;
  } catch (error) {
      handleAxiosError(error, 'getting access token', error.config, error.response);
      return null;
  }
}


// Funktion zum Decodieren eines JWT-Tokens
function decodeToken(token) {
    try {
        const base64Url = token.split('.')[1];
        const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
        const jsonPayload = decodeURIComponent(atob(base64).split('').map(function (c) {
            return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
        }).join(''));

        return JSON.parse(jsonPayload);
    } catch (error) {
        console.error("Error decoding token:", error.message);
        return null;
    }
}

// Prüfe ob ein Admin Token korrekt generiert werden kann
async function testKeycloakLogin() {
    try {
        const accessToken = await getAccessToken(TESTADMIN_USERNAME, TESTADMIN_PASSWORD);

        if (!accessToken) {
            console.error('Failed to get access token.');
            return;
        }
        console.log('Access Token:', accessToken);
        const decodedToken = decodeToken(accessToken);
        if(decodedToken) {
             console.log('Decoded Access Token:', decodedToken);
            if (Array.isArray(decodedToken.groups) && decodedToken.groups.includes('nextcloud-admins')){
                console.log("Admin Group is set correctly!")
            } else if (typeof decodedToken.groups === 'string' && decodedToken.groups.includes('nextcloud-admins')) {
                console.log("Admin Group is set correctly!")
            }
             else {
                 console.error("Admin Group is not set correctly!")
            }
        }


    } catch (error) {
        console.error('An error occurred:', error);
    }
}

testKeycloakLogin();