import * as plugins from '../plugins.js';
import * as authInterfaces from '../data/auth.js';

export type TCertificateStatus = 'valid' | 'expiring' | 'expired' | 'provisioning' | 'failed' | 'unknown';
export type TCertificateSource = 'acme' | 'provision-function' | 'static' | 'none';

export interface ICertificateInfo {
  routeName: string;
  domains: string[];
  status: TCertificateStatus;
  source: TCertificateSource;
  tlsMode: 'terminate' | 'terminate-and-reencrypt' | 'passthrough';
  expiryDate?: string;     // ISO string
  issuer?: string;
  issuedAt?: string;       // ISO string
  error?: string;          // if status === 'failed'
  canReprovision: boolean; // true for acme/provision-function routes
}

export interface IReq_GetCertificateOverview extends plugins.typedrequestInterfaces.implementsTR<
  plugins.typedrequestInterfaces.ITypedRequest,
  IReq_GetCertificateOverview
> {
  method: 'getCertificateOverview';
  request: {
    identity?: authInterfaces.IIdentity;
  };
  response: {
    certificates: ICertificateInfo[];
    summary: {
      total: number;
      valid: number;
      expiring: number;
      expired: number;
      failed: number;
      unknown: number;
    };
  };
}

export interface IReq_ReprovisionCertificate extends plugins.typedrequestInterfaces.implementsTR<
  plugins.typedrequestInterfaces.ITypedRequest,
  IReq_ReprovisionCertificate
> {
  method: 'reprovisionCertificate';
  request: {
    identity?: authInterfaces.IIdentity;
    routeName: string;
  };
  response: {
    success: boolean;
    message?: string;
  };
}