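package service

import (
	"log/slog"
	"slices"

	"baron-sso-backend/internal/domain"
	"github.com/descope/go-sdk/descope/client"
)

// DescopeProvider exposes Descope as an identity provider to the broker.
type DescopeProvider struct {
	// Client is the Descope SDK client. It is nil when the provider was built
	// with an empty project ID, and it is whatever the SDK returned when
	// initialization failed, so callers must nil-check it before use.
	Client *client.DescopeClient

	// fieldMapping maps a broker field name (key) to the Descope attribute
	// key (value) that backs it.
	fieldMapping map[string]string
}

// NewDescopeProvider builds a DescopeProvider for the given Descope project.
//
// projectID selects the Descope project; when it is empty no SDK client is
// created and Client stays nil. managementKey is passed to the SDK
// configuration only and is not logged by this function.
//
// Initialization is best-effort: an SDK error is logged at warning level and
// a provider is still returned, so a non-nil result does not imply a usable
// Client.
func NewDescopeProvider(projectID, managementKey string) *DescopeProvider {
	var descopeClient *client.DescopeClient

	if projectID != "" {
		var err error
		descopeClient, err = client.NewWithConfig(&client.Config{
			ProjectID:     projectID,
			ManagementKey: managementKey,
		})
		if err != nil {
			// Only the SDK error is logged, never the key itself.
			// NOTE(review): confirm the SDK error text cannot embed the
			// management key, and that the client returned with an error is nil.
			slog.Warn("Failed to initialize Descope Client in Provider", "error", err)
		}
	}

	// Mapping between BrokerUser fields and Descope attributes. It is
	// hard-coded here; in a real deployment it could be loaded from a config
	// file. The broker's required custom attributes map to Descope keys.
	mapping := map[string]string{
		"grade":      "customAttributes.userRank", // Broker 'grade' maps to Descope 'userRank'
		"department": "customAttributes.dept",     // Broker 'department' maps to Descope 'dept'
	}

	return &DescopeProvider{
		Client:       descopeClient,
		fieldMapping: mapping,
	}
}

// Name returns the provider's display name.
func (d *DescopeProvider) Name() string {
	return "Descope"
}

// GetMetadata returns the schema support information: the standard fields
// Descope supports followed by the broker keys of the mapped custom
// attributes, the latter in sorted order so the result is deterministic.
//
// The list is built from the local mapping only; Descope is not queried, so a
// broker key appears as supported even if the mapped attribute does not exist
// in the Descope project. The returned error is always nil.
func (d *DescopeProvider) GetMetadata() (*domain.IDPMetadata, error) {
	// 1. Standard fields supported by Descope.
	standard := []string{"id", "email", "name", "phone_number"}

	// 2. Mapped custom attributes. The Validator checks whether the broker's
	// required keys (e.g., "grade") are present in this list. Map iteration
	// order is random, so the keys are sorted before being appended.
	custom := make([]string, 0, len(d.fieldMapping))
	for brokerKey := range d.fieldMapping {
		custom = append(custom, brokerKey)
	}
	slices.Sort(custom)

	supported := make([]string, 0, len(standard)+len(custom))
	supported = append(supported, standard...)
	supported = append(supported, custom...)

	return &domain.IDPMetadata{
		SupportedFields: supported,
	}, nil
}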