package route

import (
	"net/http"

	"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"
	"github.com/pkg/errors"
	"gitlab.com/wpetit/goweb/middleware/container"
)

func serveConsentPage(w http.ResponseWriter, r *http.Request) {
	ctn := container.Must(r.Context())
	//tmpl := template.Must(ctn)
	hydr := hydra.Must(ctn)

	challenge, err := hydr.ConsentChallenge(r)
	if err != nil {
		if err == hydra.ErrChallengeNotFound {
			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)

			return
		}

		panic(errors.Wrap(err, "could not retrieve consent challenge"))
	}

	res, err := hydr.ConsentRequest(challenge)
	if err != nil {
		panic(errors.Wrap(err, "could not retrieve hydra consent response"))
	}

	if res.Skip {
		res, err := hydr.AcceptConsentRequest(challenge, &hydra.AcceptConsentRequest{
			GrantScope:               res.RequestedScope,
			GrantAccessTokenAudience: res.RequestedAccessTokenAudience,
		})
		if err != nil {
			panic(errors.Wrap(err, "could not accept hydra consent request"))
		}

		http.Redirect(w, r, res.RedirectTo, http.StatusTemporaryRedirect)
		return
	}

	res2, err := hydr.AcceptConsentRequest(challenge, &hydra.AcceptConsentRequest{
		GrantScope:               res.RequestedScope,
		GrantAccessTokenAudience: res.RequestedAccessTokenAudience,
	})
	if err != nil {
		panic(errors.Wrap(err, "could not accept hydra consent request"))
	}

	http.Redirect(w, r, res2.RedirectTo, http.StatusTemporaryRedirect)

	// spew.Dump(res)

	// data := extendTemplateData(w, r, template.Data{
	// 	csrf.TemplateTag:   csrf.TemplateField(r),
	// 	"RequestedScope":   res.RequestedScope,
	// 	"ConsentChallenge": challenge,
	// })

	// if err := tmpl.RenderPage(w, "consent.html.tmpl", data); err != nil {
	// 	panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
	// }
}