import * as plugins from './plugins.js';
import * as paths from './paths.js';
import { Reception } from './reception/classes.reception.js';

/**
 * Boots the identity provider: builds the website server with its CSP and
 * OIDC/OAuth routes, creates the Reception from environment values, then
 * starts the Reception followed by the web server on port 2999.
 *
 * @returns resolves once `websiteServer.start(2999)` has resolved.
 */
export const runCli = async () => {
  const serviceQenv = new plugins.qenv.Qenv('./', './.nogit', false);

  // Declared before the server so the route closures below can capture it.
  // It is assigned only after the server object exists; the handlers
  // dereference it per request, and the server is started last.
  let reception: Reception;

  // Serialises a payload as the JSON body of the two metadata endpoints.
  const jsonResponse = (payload: unknown) =>
    new Response(JSON.stringify(payload), {
      headers: { 'Content-Type': 'application/json' },
    });

  const websiteServer = new plugins.typedserver.utilityservers.UtilityWebsiteServer({
    feedMetadata: null,
    domain: 'idp.global',
    serveDir: paths.distWebDir,
    securityHeaders: {
      csp: {
        defaultSrc: "'self'",
        // NOTE(review): 'unsafe-inline' plus 'unsafe-eval' removes most of the
        // script-injection protection CSP offers, and this origin serves the
        // login and OAuth pages. Confirm whether the frontend and the payment
        // widget can run with nonces or hashes instead.
        scriptSrc: [
          "'self'",
          "'unsafe-inline'",
          "'unsafe-eval'",
          "https://cdn.paddle.com",
          "https://public.profitwell.com",
        ],
        styleSrc: [
          "'self'",
          "'unsafe-inline'",
          "https://cdn.paddle.com",
          "https://assetbroker.lossless.one",
        ],
        // NOTE(review): "https:" is scheme-wide, so images may load from any
        // HTTPS host.
        imgSrc: ["'self'", "data:", "https:"],
        fontSrc: ["'self'", "data:"],
        // NOTE(review): "wss:" is scheme-wide as well, so WebSocket
        // connections to any host are permitted; narrow it to the hosts
        // actually used if they are known.
        connectSrc: [
          "'self'",
          "https://*.paddle.com",
          "https://buy.paddle.com",
          "https://checkout.paddle.com",
          "https://checkout-service.paddle.com",
          "https://cdn.paddle.com",
          "https://*.sentry.io",
          "https://public.profitwell.com",
          "wss:",
        ],
        frameSrc: [
          "https://buy.paddle.com",
          "https://checkout.paddle.com",
          "https://*.paddle.com",
        ],
        // NOTE(review): frame-ancestors, base-uri and form-action do not fall
        // back to default-src and none of them is configured here. Whether the
        // server adds them elsewhere is not visible from this file; verify,
        // since framing of the login page is a clickjacking concern.
      },
    },
    addCustomRoutes: async (typedserver) => {
      // SPA fallback: index.html is served for non-file routes (e.g. /login, /dashboard).
      typedserver.options.spaFallback = true;

      // OIDC discovery document
      typedserver.addRoute('/.well-known/openid-configuration', 'GET', async () =>
        jsonResponse(reception.oidcManager.getDiscoveryDocument()),
      );

      // JSON Web Key Set
      typedserver.addRoute('/.well-known/jwks.json', 'GET', async () =>
        jsonResponse(reception.oidcManager.getJwks()),
      );

      // OAuth authorization endpoint
      typedserver.addRoute('/oauth/authorize', 'GET', async (req) =>
        reception.oidcManager.handleAuthorize(req),
      );

      // OAuth token endpoint
      // NOTE(review): response headers come from handleToken, which is not
      // visible here; confirm token responses are marked non-cacheable.
      typedserver.addRoute('/oauth/token', 'POST', async (req) =>
        reception.oidcManager.handleToken(req),
      );

      // OAuth UserInfo endpoint, reachable with GET and with POST
      typedserver.addRoute('/oauth/userinfo', 'GET', async (req) =>
        reception.oidcManager.handleUserInfo(req),
      );
      typedserver.addRoute('/oauth/userinfo', 'POST', async (req) =>
        reception.oidcManager.handleUserInfo(req),
      );

      // OAuth revocation endpoint
      typedserver.addRoute('/oauth/revoke', 'POST', async (req) =>
        reception.oidcManager.handleRevoke(req),
      );
    },
  });

  // Environment values are read one after another, in the same order as the
  // Reception options that consume them.
  // NOTE(review): only INSTANCE_NAME has a fallback. MONGODB_URL and
  // IDP_BASEURL are handed over unchecked; confirm Reception rejects a missing
  // value (baseUrl presumably feeds the OIDC issuer and endpoint URLs).
  const instanceName = (await serviceQenv.getEnvVarOnDemand('INSTANCE_NAME')) || 'idp.global';
  const mongoDbUrl = await serviceQenv.getEnvVarOnDemand('MONGODB_URL');
  const baseUrl = await serviceQenv.getEnvVarOnDemand('IDP_BASEURL');

  reception = new Reception({
    name: instanceName,
    mongoDescriptor: { mongoDbUrl },
    websiteServer,
    baseUrl,
  });

  // The Reception starts before the listener, so it has been started by the
  // time the routes above can be reached.
  await reception.start();
  await websiteServer.start(2999);
};