/*
 * Selling Partner API for Authorization
 *
 * The Selling Partner API for Authorization helps developers manage authorizations and check the specific permissions associated with a given authorization.
 *
 * The version of the OpenAPI document: v1
 * 
 * Generated by: https://openapi-generator.tech
 */


use reqwest;

use std::time::{SystemTime, Instant};
use aws_sigv4::http_request::{sign, SigningSettings, SigningParams, SignableRequest};
use http;
use secrecy::{SecretString, ExposeSecret};
use crate::auth::AuthState;
use crate::error::SharedError;

#[derive(Debug, Clone)]
pub struct Configuration {
    pub base_path: String,
    pub user_agent: Option<String>,
    pub client: reqwest::Client,
    pub aws_v4_key: Option<AWSv4Key>,
    pub rdt: Option<RestrictedDataToken>,
    pub auth: Option<AuthState>,
}

#[derive(Debug, Clone)]
pub struct AWSv4Key {
    pub access_key: String,
    pub secret_key: SecretString,
    pub region: String,
    pub service: String,
}

impl AWSv4Key {
    pub fn sign(&self, uri: &str, method: &str, access_token: Option<String>, body: &str) -> Result<Vec::<(String, String)>, aws_sigv4::http_request::Error> {
	let mut request = http::Request::builder()
	    .uri(uri)
	    .method(method);

    if let Some(access_token) = access_token {
        request = request.header("x-amz-access-token", access_token);
    }

    let request = request.body(body).unwrap();

	let signing_settings = SigningSettings::default();
	let signing_params = SigningParams::builder()
	    .access_key(self.access_key.as_str())
	    .secret_key(self.secret_key.expose_secret().as_str())
	    .region(self.region.as_str())
	    .service_name(self.service.as_str())
	    .time(SystemTime::now())
	    .settings(signing_settings)
	    .build()
	    .unwrap();
	let signable_request = SignableRequest::from(&request);
	let (mut signing_instructions, _signature) = sign(signable_request, &signing_params)?.into_parts();
	let mut additional_headers = Vec::<(String, String)>::new();
	if let Some(new_headers) = signing_instructions.take_headers() {
            for (name, value) in new_headers.into_iter() {
		additional_headers.push((name.expect("header should have name").to_string(),
		                         value.to_str().expect("header value should be a string").to_string()));
            }
        }
	return Ok(additional_headers);
    }
}

#[derive(Debug, Clone)]
pub struct RestrictedDataToken {
    token: String,
    expires_at: Instant,
}

impl RestrictedDataToken {
    pub fn token(&self) -> Result<String, SharedError> {
        if self.expires_at > Instant::now() + std::time::Duration::from_secs(15) {
            Ok(self.token.clone())
        } else {
            Err(SharedError::ExpiredRDT)
        }
    }
}

impl Configuration {
    pub fn new() -> Configuration {
        Configuration::default()
    }

    pub fn with_rdt(&self, token: String, expires_in_secs: u64) -> Self {
        Self {
            rdt: Some(RestrictedDataToken {
                token,
                expires_at: Instant::now() + std::time::Duration::from_secs(expires_in_secs as u64),
            }),
            auth: None,
            ..self.clone()
        }
    }
}

impl Default for Configuration {
    fn default() -> Self {
        Configuration {
            base_path: "https://sellingpartnerapi-na.amazon.com".to_owned(),
            user_agent: Some("OpenAPI-Generator/v1/rust".to_owned()),
            client: reqwest::Client::new(),
            aws_v4_key: None,
            rdt: None,
            auth: None,
        }
    }
}