<?php
namespace ProVM\Common\Service;

use Psr\Http\Message\ServerRequestInterface;
use ProVM\Common\Exception\Request\Auth\Unauthorized;

class Auth
{
    public function __construct(protected string $api_key) {}

    public function validate(ServerRequestInterface $request): bool
    {
        $key = $this->getHeaderKey($request);
        if (sha1($this->api_key) === $key) {
            return true;
        }
        return false;
    }

    protected function getHeaderKey(ServerRequestInterface $request): string
    {
        if (!$request->hasHeader('Authorization')) {
            throw new Unauthorized();
        }
        $auths = $request->getHeader('Authorization');
        foreach ($auths as $auth) {
            if (str_contains($auth, 'Bearer')) {
                return str_replace('Bearer ', '', $auth);
            }
        }
        throw new Unauthorized();
    }
}