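import dotenv from 'dotenv';
import axios from 'axios';

// Load environment variables
dotenv.config();
console.log('Environment variables loaded.');

// Configuration constants
const KEYCLOAK_URL = process.env.KEYCLOAK_URL || 'https://auth.mrx8086.com';
const ADMIN_USERNAME = process.env.KEYCLOAK_ADMIN_USER;
const ADMIN_PASSWORD = process.env.KEYCLOAK_ADMIN_PASSWORD;
const REALM_NAME = 'office-automation';

// The password is deliberately left out of this log line.
console.log('Configuration constants set:', { KEYCLOAK_URL, ADMIN_USERNAME, REALM_NAME });

// Header names whose values must never reach the logs.
const SENSITIVE_HEADERS = new Set(['authorization', 'proxy-authorization', 'cookie']);

/**
 * Build a log-safe summary of an axios request config.
 *
 * The Authorization header carries the admin bearer token and the token
 * request body carries the admin password, so both are masked before logging.
 *
 * @param {object} config - axios request config.
 * @returns {{method: *, url: *, headers: object, data: *}} redacted summary.
 */
const redactRequestForLog = (config) => {
  const rawHeaders = config.headers;
  // AxiosHeaders instances expose toJSON(); plain objects are copied as-is.
  const plainHeaders =
    typeof rawHeaders?.toJSON === 'function' ? rawHeaders.toJSON() : { ...rawHeaders };
  const headers = Object.fromEntries(
    Object.entries(plainHeaders).map(([name, value]) => [
      name,
      SENSITIVE_HEADERS.has(name.toLowerCase()) ? '[REDACTED]' : value,
    ]),
  );
  return {
    method: config.method,
    url: config.url,
    headers,
    // Request bodies may contain credentials (password grant), so never echo them.
    data: config.data == null ? config.data : '[REDACTED]',
  };
};

/**
 * Log a failed API operation and rethrow the original error.
 *
 * This helper always throws, so callers need no fallback return after it.
 *
 * @param {Error} error - the error raised by axios (or by local validation).
 * @param {string} operation - human-readable description of what failed.
 * @param {object} [config] - request config; falls back to error.config.
 * @param {object} [response] - accepted for call-site compatibility; unused.
 * @throws {Error} always rethrows `error`.
 */
const handleAxiosError = (error, operation, config, response) => {
  console.error(`Error during ${operation}:`);
  const requestConfig = config ?? error?.config;
  if (requestConfig) {
    console.error('Request:', redactRequestForLog(requestConfig));
  }
  if (error.response) {
    console.error('Response:', { status: error.response.status, data: error.response.data });
  } else {
    console.error('Error Message:', error.message);
  }
  throw error;
};

/**
 * Obtain an admin access token from the master realm using the password grant
 * with the admin-cli client.
 *
 * @returns {Promise<string>} the access token.
 * @throws {Error} if the credentials are not configured or the request fails.
 */
async function getAdminToken() {
  console.log('Getting admin token...');
  // Fail early with a clear message instead of posting "undefined" as credentials.
  if (!ADMIN_USERNAME || !ADMIN_PASSWORD) {
    throw new Error('KEYCLOAK_ADMIN_USER and KEYCLOAK_ADMIN_PASSWORD must be set.');
  }
  try {
    const response = await axios.post(
      `${KEYCLOAK_URL}/realms/master/protocol/openid-connect/token`,
      new URLSearchParams({
        client_id: 'admin-cli',
        username: ADMIN_USERNAME,
        password: ADMIN_PASSWORD,
        grant_type: 'password',
      }),
      { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } },
    );
    console.log('Admin token received.');
    return response.data.access_token;
  } catch (error) {
    handleAxiosError(error, 'getting admin token');
  }
}

/**
 * Look up a client scope in the realm by its exact name.
 *
 * @param {string} token - admin bearer token.
 * @param {string} scopeName - name of the client scope.
 * @returns {Promise<object|null>} the matching scope, or null if none matches.
 * @throws {Error} if the request fails.
 */
async function getClientScope(token, scopeName) {
  console.log(`Getting client scope ${scopeName}...`);
  try {
    const response = await axios.get(
      `${KEYCLOAK_URL}/admin/realms/${REALM_NAME}/client-scopes`,
      {
        headers: { Authorization: `Bearer ${token}` },
        params: { name: scopeName },
      },
    );
    // Do not rely on the server honouring the `name` filter: if it is ignored,
    // the first list entry is an unrelated scope and would be deleted by the
    // caller. Match on the exact name locally instead.
    const scopes = Array.isArray(response.data) ? response.data : [];
    const match = scopes.find((scope) => scope.name === scopeName);
    if (!match) {
      console.log(`Client Scope ${scopeName} not found`);
      return null;
    }
    console.log(`Client scope ${scopeName} found.`);
    return match;
  } catch (error) {
    handleAxiosError(error, `getting client scope ${scopeName}`, error.config, error.response);
  }
}

/**
 * Delete a client scope by ID.
 *
 * @param {string} token - admin bearer token.
 * @param {string} scopeId - ID of the client scope to delete.
 * @throws {Error} if the request fails.
 */
async function deleteClientScope(token, scopeId) {
  console.log(`Deleting client scope with ID ${scopeId}...`);
  try {
    await axios.delete(
      `${KEYCLOAK_URL}/admin/realms/${REALM_NAME}/client-scopes/${encodeURIComponent(scopeId)}`,
      { headers: { Authorization: `Bearer ${token}` } },
    );
    console.log(`Client scope with ID ${scopeId} deleted successfully.`);
  } catch (error) {
    handleAxiosError(error, `deleting client scope with ID ${scopeId}`);
  }
}

/**
 * Delete one protocol mapper from a client scope.
 *
 * @param {string} token - admin bearer token.
 * @param {string} scopeId - ID of the owning client scope.
 * @param {string} mapperId - ID of the mapper to delete.
 * @throws {Error} if the request fails.
 */
async function deleteMapper(token, scopeId, mapperId) {
  console.log(`Deleting mapper ${mapperId} of client scope with ID ${scopeId}`);
  try {
    await axios.delete(
      `${KEYCLOAK_URL}/admin/realms/${REALM_NAME}/client-scopes/${encodeURIComponent(scopeId)}` +
        `/protocol-mappers/models/${encodeURIComponent(mapperId)}`,
      { headers: { Authorization: `Bearer ${token}` } },
    );
    console.log(`Mapper with ID ${mapperId} deleted successfully.`);
  } catch (error) {
    handleAxiosError(error, `deleting mapper ${mapperId} for client scope with ID ${scopeId}`);
  }
}

/**
 * List the protocol mappers attached to a client scope.
 *
 * @param {string} token - admin bearer token.
 * @param {string} scopeId - ID of the client scope.
 * @returns {Promise<object[]>} the mappers returned by the server.
 * @throws {Error} if the request fails.
 */
async function getClientScopeMappers(token, scopeId) {
  console.log(`Getting mappers for client scope with ID ${scopeId}...`);
  try {
    const response = await axios.get(
      `${KEYCLOAK_URL}/admin/realms/${REALM_NAME}/client-scopes/${encodeURIComponent(scopeId)}` +
        '/protocol-mappers/models',
      { headers: { Authorization: `Bearer ${token}` } },
    );
    console.log(`Mappers for client scope with ID ${scopeId} retrieved.`);
    return response.data;
  } catch (error) {
    handleAxiosError(error, `getting mappers for client scope with ID ${scopeId}`);
  }
}

/**
 * Remove the "groups-mapper" protocol mapper (if present) and then the
 * "groups-nextcloud" client scope itself. Exits with status 1 on failure.
 */
async function deleteGroupsNextcloudScope() {
  try {
    console.log('Starting deletion of groups-nextcloud scope and its mapper...');
    const token = await getAdminToken();

    const clientScope = await getClientScope(token, 'groups-nextcloud');
    if (!clientScope) {
      console.log('Client scope groups-nextcloud not found, nothing to delete.');
      return;
    }

    const mappers = await getClientScopeMappers(token, clientScope.id);
    const groupsMapper = mappers.find((m) => m.name === 'groups-mapper');
    if (groupsMapper) {
      await deleteMapper(token, clientScope.id, groupsMapper.id);
    }

    await deleteClientScope(token, clientScope.id);
    console.log('Deletion of groups-nextcloud scope and its mapper completed successfully.');
  } catch (error) {
    // Log only the message: the full axios error object embeds the request
    // config, including the bearer token and the password-grant body.
    console.error('Deletion failed:', error?.message ?? error);
    process.exit(1);
  }
}

// Execute the deletion
deleteGroupsNextcloudScope();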