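package route

import (
	"net/http"

	"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"
	"github.com/pkg/errors"
	"gitlab.com/wpetit/goweb/middleware/container"
)

// serveConsentPage handles the consent step of the Hydra OAuth2 flow.
//
// No consent screen is rendered. The handler resolves the consent challenge
// from the request, loads the matching consent request from Hydra and accepts
// it immediately, granting every requested scope plus "email". The ID token
// session carries the e-mail address found in the consent request context and
// marks it as verified. On success the client is redirected to the URL
// returned by Hydra.
//
// A missing challenge yields 400 Bad Request. Every other failure is raised
// with panic, as elsewhere in this handler.
// NOTE(review): confirm a recovery middleware turns these panics into an
// error response.
func serveConsentPage(w http.ResponseWriter, r *http.Request) {
	ctn := container.Must(r.Context())
	hydr := hydra.Must(ctn)

	challenge, err := hydr.ConsentChallenge(r)
	if err != nil {
		// Compare against the root cause so that a wrapped sentinel still maps
		// to a client error instead of falling through to the panic below.
		if errors.Cause(err) == hydra.ErrChallengeNotFound {
			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)

			return
		}

		panic(errors.Wrap(err, "could not retrieve consent challenge"))
	}

	consentRes, err := hydr.ConsentRequest(challenge)
	if err != nil {
		panic(errors.Wrap(err, "could not retrieve hydra consent response"))
	}

	// The ID token asserts "email_verified": true, so refuse to issue it when
	// the consent context carries no e-mail address (or a non-string value).
	// Otherwise a relying party would receive a "verified" claim for a nil
	// identity.
	// NOTE(review): assumes Context is a map[string]interface{} filled in by
	// the login step; confirm against the hydra package.
	email, ok := consentRes.Context["email"].(string)
	if !ok || email == "" {
		panic(errors.New("consent request context does not carry a usable email"))
	}

	// "email" is always granted; the remaining requested scopes are appended
	// without repeating it when the client already asked for it.
	// NOTE(review): every requested scope is granted with no user interaction,
	// and "email" is granted even when the client did not request it. Confirm
	// this matches the intended trust model for the registered clients.
	scopes := make([]string, 0, len(consentRes.RequestedScope)+1)
	scopes = append(scopes, "email")

	for _, scope := range consentRes.RequestedScope {
		if scope != "email" {
			scopes = append(scopes, scope)
		}
	}

	acceptConsentReq := &hydra.AcceptConsentRequest{
		GrantScope:               scopes,
		GrantAccessTokenAudience: consentRes.RequestedAccessTokenAudience,
		Session: hydra.AcceptConsentSession{
			IDToken: map[string]interface{}{
				"email":          email,
				"email_verified": true,
			},
		},
	}

	acceptRes, err := hydr.AcceptConsentRequest(challenge, acceptConsentReq)
	if err != nil {
		panic(errors.Wrap(err, "could not accept hydra consent request"))
	}

	// The redirect target is taken from Hydra's accept response, not from the
	// incoming request.
	http.Redirect(w, r, acceptRes.RedirectTo, http.StatusTemporaryRedirect)
}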