<?php
namespace Incoviba\Middleware;

use Psr\Http\Message\ResponseFactoryInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Incoviba\Exception\MissingAuthorizationHeader;
use Incoviba\Service;

class API
{
    public function __construct(protected ResponseFactoryInterface $responseFactory, protected Service\Login $loginService,
                                protected string $key) {}

    public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        try {
            $key = $this->getKey($request);
        } catch (MissingAuthorizationHeader $exception) {
            return $this->responseFactory->createResponse(401);
        }
        if ($this->validate($request, $key)) {
            return $handler->handle($request);
        }
        return $this->responseFactory->createResponse(403);
    }
    protected function getKey(ServerRequestInterface $request): string
    {
        $auth_headers = $request->getHeader('Authorization');
        foreach ($auth_headers as $header) {
            if (str_contains($header, 'Bearer')) {
                return substr($header, strlen('Bearer '));
            }
        }
        throw new MissingAuthorizationHeader();
    }
    protected function validate(ServerRequestInterface $request, $incoming_key): bool
    {
        if (str_contains($incoming_key, $this->loginService->getSeparator())) {
            list($incoming_key, $selector, $token) = explode($this->loginService->getSeparator(), $incoming_key);
            if (!$this->loginService->isIn()) {
                return false;
            }
        }
        if (!$this->loginService->isIn() and !$this->validPermitted($request)) {
            return false;
        }
        return $incoming_key === md5($this->key);
    }
    protected function validPermitted(ServerRequestInterface $request): bool
    {
        $uri = $request->getUri();
        $validPaths = [
            '/api',
            '/api/'
        ];
        return in_array($uri->getPath(), $validPaths);
    }
}