import type * as http from 'node:http';
import type { JwsVerifier } from './server.classes.jws.verifier.js';
import { AcmeServerError } from './server.classes.jws.verifier.js';
import type { IServerOrderStore } from './server.interfaces.js';

/**
 * POST /cert/:id — Download certificate chain (POST-as-GET).
 */
export function createCertHandler(
  baseUrl: string,
  jwsVerifier: JwsVerifier,
  orderStore: IServerOrderStore,
) {
  return async (
    req: http.IncomingMessage,
    res: http.ServerResponse,
    params: Record<string, string>,
    body: any,
  ): Promise<void> => {
    const orderId = params.id;
    const requestUrl = `${baseUrl}/cert/${orderId}`;
    await jwsVerifier.verify(body, requestUrl);

    const certPem = await orderStore.getCertPem(orderId);
    if (!certPem) {
      throw new AcmeServerError(404, 'urn:ietf:params:acme:error:malformed', 'Certificate not found');
    }

    res.writeHead(200, { 'Content-Type': 'application/pem-certificate-chain' });
    res.end(certPem);
  };
}