using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using iPackage.Core.Web.Models.Entity;
using iPackage.Core.Web.Models.Settings;
using iPackage.Core.Web.Services.Contracts;
using iPackage.Models.Api;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;

namespace iPackage.Core.Web.Services
{

    public class JWTService : IJWTService
    {
        private readonly SignInManager<Admin> _signInManager;
        private readonly SiteSettings _siteSettings;

        public JWTService(
            IOptionsSnapshot<SiteSettings> siteSettings,
            SignInManager<Admin> signInManager)
        {
            _signInManager = signInManager;
            _siteSettings = siteSettings.Value;
        }

        public async Task<AccessToken> Generate(Admin user)
        {
            var secretKey = Encoding.UTF8.GetBytes(_siteSettings.JwtSettings.SecretKey);
            var signingCredintial = new SigningCredentials(new SymmetricSecurityKey(secretKey),
                SecurityAlgorithms.HmacSha512Signature);
            var claims = await GetClaims(user);
            var desctiptor = new SecurityTokenDescriptor
            {
                Issuer = _siteSettings.JwtSettings.Issuer,
                Audience = _siteSettings.JwtSettings.Audience,
                IssuedAt = DateTime.Now,
                NotBefore = DateTime.Now,
                Expires = DateTime.Now.AddDays(_siteSettings.JwtSettings.ExpireAddDay),
                SigningCredentials = signingCredintial,
                Subject = new ClaimsIdentity(claims)
            };
            var handler = new JwtSecurityTokenHandler();
            return new AccessToken(handler.CreateJwtSecurityToken(desctiptor));
        }

        public async Task<AccessToken<TUser>> Generate<TUser>(Admin user)
        {
            var secretKey = Encoding.UTF8.GetBytes(_siteSettings.JwtSettings.SecretKey);
            var signingCredintial = new SigningCredentials(new SymmetricSecurityKey(secretKey),
                SecurityAlgorithms.HmacSha512Signature);
            var claims = await GetClaims(user);
            var desctiptor = new SecurityTokenDescriptor
            {
                Issuer = _siteSettings.JwtSettings.Issuer,
                Audience = _siteSettings.JwtSettings.Audience,
                IssuedAt = DateTime.Now,
                NotBefore = DateTime.Now,
                Expires = DateTime.Now.AddDays(_siteSettings.JwtSettings.ExpireAddDay),
                SigningCredentials = signingCredintial,
                Subject = new ClaimsIdentity(claims)
            };
            var handler = new JwtSecurityTokenHandler();
            return new AccessToken<TUser>(handler.CreateJwtSecurityToken(desctiptor));
        }

        private async Task<IEnumerable<Claim>> GetClaims(Admin user)
        {
            var claims = (await _signInManager.ClaimsFactory.CreateAsync(user)).Claims.ToList();
            claims.Add(new Claim(ClaimTypes.Gender, user.Gender == 0 ? "Femail" : "Mail"));
            return claims;
        }
    }
}