package main

import (
	"context"
	"database/sql"
	"fmt"
	"log/slog"
	"net/http"

	"atlas9.dev/c/core/dbi"
	"atlas9.dev/c/core/iam"
	"atlas9.dev/c/core/routes"
	"atlas9.dev/c/iam/oidc_provider"
)

// initOauth builds the Google, Apple and GitHub login providers whose client
// ID is set in config and registers each provider's routes on mux.
//
// A provider with an empty ClientID is skipped without an error or a log line.
// The first constructor that fails aborts initialization: its error is wrapped
// and returned, and providers already registered on mux stay registered.
//
// All providers receive the same oidc_provider.Deps value, so they share db,
// one state store, the users factory, the OAuth store factory and sessions.
//
// NOTE(review): only ClientID is checked here. An empty ClientSecret or
// RedirectURL is handed to the provider constructor unchanged; confirm the
// constructors reject them, otherwise a half-configured provider would have
// its login routes exposed.
func initOauth(
	ctx context.Context,
	config *Config,
	db *sql.DB,
	mux *http.ServeMux,
	users dbi.Factory[iam.UserStore],
	sessions iam.SessionStore,
) error {
	// Each call gets a store bound to the DBI handle it is given.
	oauthStores := func(tx dbi.DBI) iam.OAuthStore {
		return NewSqliteOAuthStore(tx)
	}

	// NOTE(review): presumably the state store holds the per-login OAuth
	// "state" values checked on callback; verify entries are single-use and
	// expire.
	deps := oidc_provider.Deps{
		DB:         db,
		StateStore: NewSqliteStateStore(db),
		Users:      users,
		OAuth:      oauthStores,
		Sessions:   sessions,
	}

	// The log lines below carry fixed text only; client IDs and secrets are
	// never written to the log from this function.
	if g := config.OAuth.Google; g.ClientID != "" {
		provider, err := oidc_provider.NewGoogleProvider(ctx, g.ClientID, g.ClientSecret, g.RedirectURL, deps)
		if err != nil {
			return fmt.Errorf("initializing Google OIDC: %w", err)
		}
		routes.Register(mux, provider.Routes())
		slog.Info("Google OIDC provider registered")
	}

	if a := config.OAuth.Apple; a.ClientID != "" {
		provider, err := oidc_provider.NewAppleProvider(ctx, a.ClientID, a.ClientSecret, a.RedirectURL, deps)
		if err != nil {
			return fmt.Errorf("initializing Apple OIDC: %w", err)
		}
		routes.Register(mux, provider.Routes())
		slog.Info("Apple OIDC provider registered")
	}

	if gh := config.OAuth.GitHub; gh.ClientID != "" {
		provider, err := oidc_provider.NewGitHubProvider(ctx, gh.ClientID, gh.ClientSecret, gh.RedirectURL, deps)
		if err != nil {
			return fmt.Errorf("initializing GitHub OAuth: %w", err)
		}
		routes.Register(mux, provider.Routes())
		slog.Info("GitHub OAuth provider registered")
	}

	return nil
}