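const Oauth2Controller = require('flitter-auth/controllers/Oauth2')

// Single error shown whenever an authorization request cannot be tied to a
// usable client, so every failure path answers with the same text.
const INVALID_CLIENT_MESSAGE = 'Unable to authorize client application. The application config is invalid. Please check the client ID and redirect URI and try again.'

/*
 * Handles views, processing, and data retrieval for flitter-auth's
 * built-in OAuth2 server, if it is enabled. Most handlers are inherited
 * from flitter-auth/controllers/Oauth2, but you can override them here
 * as you need.
 */
class Oauth2 extends Oauth2Controller {
    /*
     * Service names requested by this controller: everything the parent
     * asks for, plus 'Vue', 'configs' and 'models', which the handlers
     * below read as this.Vue, this.configs and this.models.
     */
    static get services() {
        return [...super.services, 'Vue', 'configs', 'models']
    }

    /*
     * Handles the consent form submission. Resolves the client from the
     * POST body, records the grant on the current user, then delegates to
     * the parent handler.
     *
     * Responds with the uniform error page when the client cannot be
     * resolved or when no active oauth:Client record matches its ID.
     */
    async authorize_post(req, res, next) {
        // The parent helper reads from `.query`, so the POST body is passed in that slot.
        const client = await this._get_authorize_client({ query: req.body })
        if ( !client ) return this._uniform(res, INVALID_CLIENT_MESSAGE)

        const StarshipClient = this.models.get('oauth:Client')
        const starship_client = await StarshipClient.findOne({ active: true, uuid: client.clientID })

        // Fail closed: without an active record there is nothing valid to grant.
        // Presumably findOne yields a falsy value when nothing matches; verify against the model.
        if ( !starship_client ) return this._uniform(res, INVALID_CLIENT_MESSAGE)

        // NOTE(review): the grant is saved before the parent handler runs, so it
        // persists even if the parent later rejects the request. Confirm intended.
        // NOTE(review): assumes req.user is populated by auth middleware upstream.
        req.user.authorize(starship_client)
        await req.user.save()

        return super.authorize_post(req, res, next)
    }

    /*
     * Renders the consent step. Users who have already authorized the
     * client get the "Grant Access" POST action invoked directly; everyone
     * else sees a page naming the client and the redirect host, with
     * Deny / Grant Access actions.
     *
     * Responds with the uniform error page when the client cannot be
     * resolved or when no active oauth:Client record matches its ID.
     */
    async authorize_get(req, res, next) {
        const client = await this._get_authorize_client(req)
        if ( !client ) return this._uniform(res, INVALID_CLIENT_MESSAGE)

        // new URL() throws on a missing or malformed value.
        // NOTE(review): presumably _get_authorize_client has already validated
        // redirect_uri against the client's registration; confirm in flitter-auth.
        const uri = new URL(req.query.redirect_uri)

        const StarshipClient = this.models.get('oauth:Client')
        const starship_client = await StarshipClient.findOne({ active: true, uuid: client.clientID })

        // Fail closed rather than offering consent for a client with no active record.
        if ( !starship_client ) return this._uniform(res, INVALID_CLIENT_MESSAGE)

        // Both branches submit the same parameters back to the POST handler.
        const grant_action = {
            text: 'Grant Access',
            action: 'post',
            params: {
                redirect_uri: uri.toString(),
                client_id: client.clientID,
            },
        }

        // Prior consent on record: skip the prompt and go straight to the grant.
        if ( req.user.has_authorized(starship_client) ) {
            return this.Vue.invoke_action(res, grant_action)
        }

        // NOTE(review): client.name and uri.host are interpolated into the message
        // as-is. Confirm the public:message view escapes them before rendering, or
        // that client names can only be set by trusted administrators.
        return res.page('public:message', {
            ...this.Vue.data({
                message: `

Authorize ${client.name}?


${client.name} is requesting access to your ${this.configs.get('app.name')} account. Once you grant it, you may not be prompted for permission again.


You will be redirected to: ${uri.host}`,
                actions: [
                    {
                        text: 'Deny',
                        action: 'redirect',
                        next: '/dash',
                    },
                    grant_action,
                ],
            })
        })
    }
}

module.exports = exports = Oauth2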