<?php

namespace App\Services\Integration;

use App\Models\AdminSite;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\DB;

final class IntegrationSiteService
{
    public function __construct(
        private readonly PartnerSiteConfigResolver $configResolver,
    ) {}

    /**
     * @param  array<string, mixed>  $data
     * @return array{site: AdminSite, secrets: array{sso_jwt_secret: string, wallet_api_key: string}}
     */
    public function create(array $data): array
    {
        $secrets = $this->generateSecrets();

        $site = DB::transaction(function () use ($data, $secrets): AdminSite {
            return AdminSite::query()->create([
                'code' => (string) $data['code'],
                'name' => (string) $data['name'],
                'currency_code' => (string) ($data['currency_code'] ?? 'NPR'),
                'status' => (int) ($data['status'] ?? 1),
                'is_default' => false,
                'wallet_api_url' => $this->nullableTrim($data['wallet_api_url'] ?? null),
                'wallet_debit_path' => (string) ($data['wallet_debit_path'] ?? '/wallet/debit-for-lottery'),
                'wallet_credit_path' => (string) ($data['wallet_credit_path'] ?? '/wallet/credit-from-lottery'),
                'wallet_balance_path' => (string) ($data['wallet_balance_path'] ?? '/wallet/balance'),
                'wallet_timeout_seconds' => max(1, (int) ($data['wallet_timeout_seconds'] ?? 10)),
                'iframe_allowed_origins' => $data['iframe_allowed_origins'] ?? null,
                'lottery_h5_base_url' => $this->nullableTrim($data['lottery_h5_base_url'] ?? null),
                'notes' => $this->nullableTrim($data['notes'] ?? null),
                'sso_jwt_secret_encrypted' => encrypt($secrets['sso_jwt_secret']),
                'wallet_api_key_encrypted' => encrypt($secrets['wallet_api_key']),
            ]);
        });

        $this->configResolver->forgetCache((string) $site->code);

        return ['site' => $site->fresh(), 'secrets' => $secrets];
    }

    /**
     * @param  array<string, mixed>  $data
     */
    public function update(AdminSite $site, array $data): AdminSite
    {
        $site->fill([
            'name' => (string) $data['name'],
            'currency_code' => (string) ($data['currency_code'] ?? $site->currency_code),
            'status' => (int) ($data['status'] ?? $site->status),
            'wallet_api_url' => array_key_exists('wallet_api_url', $data)
                ? $this->nullableTrim($data['wallet_api_url'])
                : $site->wallet_api_url,
            'wallet_debit_path' => (string) ($data['wallet_debit_path'] ?? $site->wallet_debit_path),
            'wallet_credit_path' => (string) ($data['wallet_credit_path'] ?? $site->wallet_credit_path),
            'wallet_balance_path' => (string) ($data['wallet_balance_path'] ?? $site->wallet_balance_path),
            'wallet_timeout_seconds' => max(1, (int) ($data['wallet_timeout_seconds'] ?? $site->wallet_timeout_seconds)),
            'iframe_allowed_origins' => $data['iframe_allowed_origins'] ?? $site->iframe_allowed_origins,
            'lottery_h5_base_url' => array_key_exists('lottery_h5_base_url', $data)
                ? $this->nullableTrim($data['lottery_h5_base_url'])
                : $site->lottery_h5_base_url,
            'notes' => array_key_exists('notes', $data)
                ? $this->nullableTrim($data['notes'])
                : $site->notes,
        ]);
        $site->save();

        $this->configResolver->forgetCache((string) $site->code);

        return $site->fresh();
    }

    /**
     * @return array{site: AdminSite, secrets: array{sso_jwt_secret: string, wallet_api_key: string}}
     */
    public function rotateSecrets(AdminSite $site): array
    {
        $secrets = $this->generateSecrets();

        $site->forceFill([
            'sso_jwt_secret_encrypted' => encrypt($secrets['sso_jwt_secret']),
            'wallet_api_key_encrypted' => encrypt($secrets['wallet_api_key']),
        ])->save();

        $this->configResolver->forgetCache((string) $site->code);

        return ['site' => $site->fresh(), 'secrets' => $secrets];
    }

    /**
     * @return array{sso_jwt_secret: string, wallet_api_key: string}
     */
    private function generateSecrets(): array
    {
        return [
            'sso_jwt_secret' => Str::random(48),
            'wallet_api_key' => Str::random(40),
        ];
    }

    private function nullableTrim(mixed $value): ?string
    {
        if (! is_string($value)) {
            return null;
        }

        $trimmed = trim($value);

        return $trimmed === '' ? null : $trimmed;
    }
}