package wazuh

import (
	"crypto/tls"
	"encoding/json"
	"fmt"
	"io"
	"log"
	"net/http"

	"forge.cadoles.com/cadoles/wazuh-agent-k8s-autoadd/internal/config"
)

const APIAuthenticate = "/security/user/authenticate"
const APIAgents = "/agents"

type AuthResponse struct {
	Data struct {
		Token string `json:"token"`
	} `json:"data"`
	Error int `json:"error"`
}

func getJWT(cfg *config.Config) (string, error) {
	req, err := http.NewRequest(http.MethodPost, cfg.BaseURL+APIAuthenticate, http.NoBody)

	if err != nil {
		return "", fmt.Errorf("cannot create request for %v : %+v", cfg.BaseURL+APIAuthenticate, err)
	}
	req.SetBasicAuth(cfg.User, cfg.Passwd)

	client := http.DefaultClient
	if cfg.SkipSSLVerification {
		tr := &http.Transport{
			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
		}
		client = &http.Client{Transport: tr}
	}

	res, err := client.Do(req)
	if err != nil {
		return "", err
	}

	defer res.Body.Close()

	if res.StatusCode != http.StatusOK {
		return "", fmt.Errorf("Bad status on %v: %d", cfg.BaseURL+APIAuthenticate, res.StatusCode)
	}

	body, err := io.ReadAll(res.Body)
	if err != nil {
		log.Fatal(err)
	}

	var authInfo AuthResponse
	if err := json.Unmarshal(body, &authInfo); err != nil {
		return "", fmt.Errorf("Cannot unmarshal JSON: %v", string(body))
	}
	return authInfo.Data.Token, nil
}

func AddAgent(cfg *config.Config) error {
	token, err := getJWT(cfg)
	if err != nil {
		return err
	}

	print(token) /*
		resp, err := http.DefaultClient.Post(cfg.BaseURL + APIAgents)
		if err != nil {
			return err
		}
		defer resp.Body.Close()

		switch resp.StatusCode {
		case http.StatusOK:
			return nil
		default:
			return false, fmt.Errorf("Bad status: %d", resp.StatusCode)
		}
	*/
	return nil
}