<?php

declare(strict_types=1);


/**
 * SPDX-FileCopyrightText: 2021 F7cloud GmbH and F7cloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */


namespace OCA\Circles\Command;

use Exception;
use OC\Core\Command\Base;
use OCA\Circles\AppInfo\Application;
use OCA\Circles\Db\RemoteRequest;
use OCA\Circles\Exceptions\RemoteNotFoundException;
use OCA\Circles\Exceptions\RemoteUidException;
use OCA\Circles\Model\Federated\RemoteInstance;
use OCA\Circles\Service\ConfigService;
use OCA\Circles\Service\GlobalScaleService;
use OCA\Circles\Service\InterfaceService;
use OCA\Circles\Service\RemoteStreamService;
use OCA\Circles\Tools\Exceptions\RequestNetworkException;
use OCA\Circles\Tools\Exceptions\SignatoryException;
use OCA\Circles\Tools\Exceptions\SignatureException;
use OCA\Circles\Tools\Model\NCRequest;
use OCA\Circles\Tools\Model\NCSignedRequest;
use OCA\Circles\Tools\Traits\TNCWellKnown;
use OCA\Circles\Tools\Traits\TStringTools;
use Symfony\Component\Console\Helper\QuestionHelper;
use Symfony\Component\Console\Helper\Table;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\ConsoleOutput;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Question\ConfirmationQuestion;

/**
 * Class CirclesRemote
 *
 * @package OCA\Circles\Command
 */
class CirclesRemote extends Base {
	use TNCWellKnown;
	use TStringTools;


	/** @var RemoteRequest */
	private $remoteRequest;

	/** @var GlobalScaleService */
	private $globalScaleService;

	/** @var RemoteStreamService */
	private $remoteStreamService;

	/** @var InterfaceService */
	private $interfaceService;

	/** @var ConfigService */
	private $configService;


	/** @var InputInterface */
	private $input;

	/** @var OutputInterface */
	private $output;


	/**
	 * CirclesRemote constructor.
	 *
	 * @param RemoteRequest $remoteRequest
	 * @param GlobalScaleService $globalScaleService
	 * @param RemoteStreamService $remoteStreamService
	 * @param InterfaceService $interfaceService
	 * @param ConfigService $configService
	 */
	public function __construct(
		RemoteRequest $remoteRequest,
		GlobalScaleService $globalScaleService,
		RemoteStreamService $remoteStreamService,
		InterfaceService $interfaceService,
		ConfigService $configService,
	) {
		parent::__construct();

		$this->remoteRequest = $remoteRequest;
		$this->globalScaleService = $globalScaleService;
		$this->remoteStreamService = $remoteStreamService;
		$this->interfaceService = $interfaceService;
		$this->configService = $configService;

		$this->setup('app', 'circles');
	}


	/**
	 *
	 */
	protected function configure() {
		parent::configure();
		$this->setName('circles:remote')
			->setDescription('remote features')
			->addArgument('host', InputArgument::OPTIONAL, 'host of the remote instance of F7cloud')
			->addOption(
				'type', '', InputOption::VALUE_REQUIRED, 'set type of remote', RemoteInstance::TYPE_UNKNOWN
			)
			->addOption(
				'iface', '', InputOption::VALUE_REQUIRED, 'set interface to use to contact remote',
				InterfaceService::$LIST_IFACE[InterfaceService::IFACE_FRONTAL]
			)
			->addOption('yes', '', InputOption::VALUE_NONE, 'silently add the remote instance')
			->addOption('all', '', InputOption::VALUE_NONE, 'display all information');
	}


	/**
	 * @param InputInterface $input
	 * @param OutputInterface $output
	 *
	 * @return int
	 * @throws Exception
	 */
	protected function execute(InputInterface $input, OutputInterface $output): int {
		$host = $input->getArgument('host');

		$this->input = $input;
		$this->output = $output;

		if ($host) {
			$this->requestInstance($host);
		} else {
			$this->checkKnownInstance();
		}

		return 0;
	}


	/**
	 * @param string $host
	 *
	 * @throws Exception
	 */
	private function requestInstance(string $host): void {
		$remoteType = $this->getRemoteType();
		$remoteIface = $this->getRemoteInterface();
		$this->interfaceService->setCurrentInterface($remoteIface);

		$webfinger = $this->getWebfinger($host, Application::APP_SUBJECT);
		if ($this->input->getOption('all')) {
			$this->output->writeln('- Webfinger on <info>' . $host . '</info>');
			$this->output->writeln(json_encode($webfinger, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
			$this->output->writeln('');
		}

		if ($this->input->getOption('all')) {
			$circleLink = $this->extractLink(Application::APP_REL, $webfinger);
			$this->output->writeln('- Information about Circles app on <info>' . $host . '</info>');
			$this->output->writeln(json_encode($circleLink, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
			$this->output->writeln('');
		}

		$this->output->writeln('- Available services on <info>' . $host . '</info>');
		foreach ($webfinger->getLinks() as $link) {
			$app = $link->getProperty('name');
			$ver = $link->getProperty('version');
			if ($app !== '') {
				$app .= ' ';
			}
			if ($ver !== '') {
				$ver = 'v' . $ver;
			}

			$this->output->writeln(' * ' . $link->getRel() . ' ' . $app . $ver);
		}
		$this->output->writeln('');

		$this->output->writeln('- Resources related to Circles on <info>' . $host . '</info>');
		$resource = $this->getResourceData($host, Application::APP_SUBJECT, Application::APP_REL);
		$this->output->writeln(json_encode($resource, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
		$this->output->writeln('');


		$tempUid = $resource->g('uid');
		$this->output->writeln(
			'- Confirming UID=' . $tempUid . ' from parsed Signatory at <info>' . $host . '</info>'
		);

		try {
			/** @var RemoteInstance $remoteSignatory */
			$remoteSignatory = $this->remoteStreamService->retrieveSignatory($resource->g('id'), true);
			$this->output->writeln(' * No SignatureException: <info>Identity authed</info>');
		} catch (SignatureException $e) {
			$this->output->writeln(
				'<error>' . $host . ' cannot auth its identity: ' . $e->getMessage() . '</error>'
			);

			return;
		}

		$this->output->writeln(' * Found <info>' . $remoteSignatory->getUid() . '</info>');
		if ($remoteSignatory->getUid(true) !== $tempUid) {
			$this->output->writeln('<error>looks like ' . $host . ' is faking its identity');

			return;
		}

		$this->output->writeln('');

		$testUrl = $resource->g('test');
		$this->output->writeln('- Testing signed payload on <info>' . $testUrl . '</info>');

		try {
			$localSignatory = $this->remoteStreamService->getAppSignatory();
		} catch (SignatoryException $e) {
			$this->output->writeln(
				'<error>Federated Circles not enabled locally. Please run ./occ circles:remote:init</error>'
			);

			return;
		}

		$payload = [
			'test' => 42,
			'token' => $this->uuid()
		];
		$signedRequest = $this->outgoingTest($testUrl, $payload);
		$this->output->writeln(' * Payload: ');
		$this->output->writeln(json_encode($payload, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
		$this->output->writeln('');

		$this->output->writeln(' * Clear Signature: ');
		$this->output->writeln('<comment>' . $signedRequest->getClearSignature() . '</comment>');
		$this->output->writeln('');

		$this->output->writeln(' * Signed Signature (base64 encoded): ');
		$this->output->writeln(
			'<comment>' . base64_encode($signedRequest->getSignedSignature()) . '</comment>'
		);
		$this->output->writeln('');

		$result = $signedRequest->getOutgoingRequest()->getResult();
		$code = $result->getStatusCode();
		$this->output->writeln(' * Result: ' . (($code === 200) ? '<info>' . ((string)$code) . '</info>' : $code));
		$this->output->writeln(
			json_encode(json_decode($result->getContent(), true), JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)
		);
		$this->output->writeln('');

		if ($this->input->getOption('all')) {
			$this->output->writeln('');
			$this->output->writeln('<info>### Complete report ###</info>');
			$this->output->writeln(json_encode($signedRequest, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
			$this->output->writeln('');
		}

		if ($remoteSignatory->getUid() !== $localSignatory->getUid()) {
			$remoteSignatory->setInstance($host)
				->setType($remoteType)
				->setInterface($remoteIface);

			try {
				$stored = new RemoteInstance();
				$this->remoteStreamService->confirmValidRemote($remoteSignatory, $stored);
				$this->output->writeln(
					'<info>The remote instance ' . $host
					. ' is already known with this current identity</info>'
				);


				$this->output->writeln('- updating item');
				$this->remoteStreamService->update($remoteSignatory, RemoteStreamService::UPDATE_ITEM);

				if ($remoteSignatory->getType() !== $stored->getType()) {
					$this->output->writeln(
						'- updating type from ' . $stored->getType() . ' to '
						. $remoteSignatory->getType()
					);
					$this->remoteStreamService->update(
						$remoteSignatory, RemoteStreamService::UPDATE_TYPE
					);
				}

				if ($remoteSignatory->getInstance() !== $stored->getInstance()) {
					$this->output->writeln(
						'- updating host from ' . $stored->getInstance() . ' to '
						. $remoteSignatory->getInstance()
					);
					$this->remoteStreamService->update(
						$remoteSignatory, RemoteStreamService::UPDATE_INSTANCE
					);
				}
				if ($remoteSignatory->getId() !== $stored->getId()) {
					$this->output->writeln(
						'- updating href/Id from ' . $stored->getId() . ' to '
						. $remoteSignatory->getId()
					);
					$this->remoteStreamService->update($remoteSignatory, RemoteStreamService::UPDATE_HREF);
				}
			} catch (RemoteUidException $e) {
				$this->updateRemote($remoteSignatory);
			} catch (RemoteNotFoundException $e) {
				$this->saveRemote($remoteSignatory);
			}
		}
	}


	/**
	 * @param RemoteInstance $remoteSignatory
	 *
	 * @throws RemoteUidException
	 */
	private function saveRemote(RemoteInstance $remoteSignatory) {
		$this->output->writeln('');
		/** @var QuestionHelper $helper */
		$helper = $this->getHelper('question');

		$this->output->writeln(
			'The remote instance <info>' . $remoteSignatory->getInstance() . '</info> looks good.'
		);
		$question = new ConfirmationQuestion(
			'Would you like to identify this remote instance as \'<comment>' . $remoteSignatory->getType()
			. '</comment>\' using interface \'<comment>'
			. InterfaceService::$LIST_IFACE[$remoteSignatory->getInterface()]
			. '</comment>\' ? (y/N) ',
			false,
			'/^(y|Y)/i'
		);

		if ($this->input->getOption('yes') || $helper->ask($this->input, $this->output, $question)) {
			if (!$this->interfaceService->isInterfaceInternal($remoteSignatory->getInterface())) {
				$remoteSignatory->setAliases([]);
			}
			$this->remoteRequest->save($remoteSignatory);
			$this->output->writeln('<info>remote instance saved</info>');
		}
	}


	/**
	 * @param RemoteInstance $remoteSignatory
	 *
	 * @throws RemoteUidException
	 */
	private function updateRemote(RemoteInstance $remoteSignatory): void {
		$this->output->writeln('');
		/** @var QuestionHelper $helper */
		$helper = $this->getHelper('question');

		$this->output->writeln(
			'The remote instance <info>' . $remoteSignatory->getInstance()
			. '</info> is known but <error>its identity has changed.</error>'
		);
		$this->output->writeln(
			'<comment>If you are not sure on why identity changed, please say No to the next question and contact the admin of the remote instance</comment>'
		);
		$question = new ConfirmationQuestion(
			'Do you consider this new identity as valid and update the entry in the database? (y/N) ',
			false,
			'/^(y|Y)/i'
		);

		if ($helper->ask($this->input, $this->output, $question)) {
			$this->remoteStreamService->update($remoteSignatory);
			$this->output->writeln('remote instance updated');
		}
	}


	/**
	 * @param string $remote
	 * @param array $payload
	 *
	 * @return NCSignedRequest
	 * @throws RequestNetworkException
	 * @throws SignatoryException
	 */
	private function outgoingTest(string $remote, array $payload): NCSignedRequest {
		$request = new NCRequest();
		$request->basedOnUrl($remote);
		$request->setFollowLocation(true);
		$request->setLocalAddressAllowed(true);
		$request->setTimeout(5);
		$request->setData($payload);

		$app = $this->remoteStreamService->getAppSignatory();
		$signedRequest = $this->remoteStreamService->signOutgoingRequest($request, $app);
		$outgoingRequest = $signedRequest->getOutgoingRequest();
		$outgoingRequest->setLocalAddressAllowed(true);
		$outgoingRequest->setFollowLocation(true);

		$this->doRequest($outgoingRequest);

		return $signedRequest;
	}


	/**
	 *
	 */
	private function checkKnownInstance(): void {
		$this->verifyGSInstances();
		$this->checkRemoteInstances();
	}


	/**
	 *
	 */
	private function verifyGSInstances(): void {
		$instances = $this->globalScaleService->getGlobalScaleInstances();
		$known = array_map(
			function (RemoteInstance $instance): string {
				return $instance->getInstance();
			}, $this->remoteRequest->getFromType(RemoteInstance::TYPE_GLOBALSCALE)
		);

		$missing = array_diff($instances, $known);
		foreach ($missing as $instance) {
			$this->syncGSInstance($instance);
		}
	}


	/**
	 * @param string $instance
	 */
	private function syncGSInstance(string $instance): void {
		$this->output->write('Adding <comment>' . $instance . '</comment>: ');
		if ($this->configService->isLocalInstance($instance)) {
			$this->output->writeln('<comment>instance is local</comment>');
			return;
		}

		try {
			$this->remoteStreamService->addRemoteInstance(
				$instance,
				RemoteInstance::TYPE_GLOBALSCALE,
				InterfaceService::IFACE_INTERNAL,
				true
			);
			$this->output->writeln('<info>ok</info>');
		} catch (Exception $e) {
			$msg = ($e->getMessage() === '') ? '' : ' (' . $e->getMessage() . ')';
			$this->output->writeln('<error>' . get_class($e) . $msg . '</error>');
		}
	}


	private function checkRemoteInstances(): void {
		$instances = $this->remoteRequest->getAllInstances();

		$output = new ConsoleOutput();
		$output = $output->section();
		$table = new Table($output);
		$table->setHeaders(['Instance', 'Type', 'iface', 'UID', 'Authed', 'Aliases']);

		$rows = [];
		foreach ($instances as $instance) {
			try {
				$current = $this->remoteStreamService->retrieveRemoteInstance($instance->getInstance());
				if ($current->getUid(true) === $instance->getUid(true)) {
					$currentUid = '<info>' . $current->getUid(true) . '</info>';
				} else {
					$currentUid = '<error>' . $current->getUid(true) . '</error>';
				}
			} catch (Exception $e) {
				$currentUid = '<error>' . $e->getMessage() . '</error>';
			}

			$rows[] = [
				$instance->getInstance(),
				$instance->getType(),
				InterfaceService::$LIST_IFACE[$instance->getInterface()],
				$instance->getUid(),
				$currentUid,
				json_encode($instance->getAliases())
			];
		}

		$table->setRows($rows);
		$table->render();
	}


	/**
	 * @throws Exception
	 */
	private function getRemoteType(): string {
		foreach (RemoteInstance::$LIST_TYPE as $type) {
			if (strtolower($this->input->getOption('type')) === strtolower($type)) {
				return $type;
			}
		}

		throw new Exception('Unknown type: ' . implode(', ', RemoteInstance::$LIST_TYPE));
	}

	/**
	 * @throws Exception
	 */
	private function getRemoteInterface(): int {
		foreach (InterfaceService::$LIST_IFACE as $iface => $def) {
			if (strtolower($this->input->getOption('iface')) === strtolower($def)) {
				return $iface;
			}
		}

		throw new Exception('Unknown interface: ' . implode(', ', InterfaceService::$LIST_IFACE));
	}
}