# typed: ignore
# frozen_string_literal: true

module Setsuzoku
  module Service
    module WebService
      module AuthStrategies
        # The API OAuth Authentication Interface definition.
        # Any Plugin that implements this must implement all methods required for OAuth.
        #
        # Defines all necessary methods for the OAuth auth strategy.
        class OAuthStrategy < WebService::AuthStrategy
          extend T::Sig
          extend T::Helpers

          include StrategyCanUseTokens

          def self.required_instance_methods
            []
          end

          def self.credential_class
            Setsuzoku::Service::WebService::Credentials::OAuthCredential
          end

          def self.token_valid_for
            24.hours
          end

          #
          # auth_headers
          sig { override.returns(T::Hash[Symbol, T.untyped]) }
          #
          # Oauth auth headers required to perform authenticated requests.
          #
          # @return [Hash] the auth headers.
          def auth_headers
            {
              authorization: {
                token: self.credential.token
              }
            }
          end

          # Get a new credential.
          # Exchanges code for token, refresh_token and expires_on.
          #
          # @param args [Hash] the code from the initial auth response { code: 'abcdefg' }.
          #
          # @return void
          sig { override.params(args: T.untyped).void }
          def new_credential!(**args)
            # get a token object based on the code retrieved from login
            get_token!(params(grant_type: 'authorization_code',
                              code: args[:code]), :new_token)
          end

          # Exchange refresh_token for a new token and expires_on.
          #
          # @return [Boolean] true if the credential was refreshed successfully
          sig { override.void }
          def refresh_expired_token!
            get_token!(params(grant_type: 'refresh_token',
                              refresh_token: self.credential.refresh_token), :refresh_token)
          end

          private

          #
          # uses_token_by_default?
          sig { returns(T::Boolean) }
          #
          # OAuth auth_strategy always uses a token.
          #
          # @return [Boolean] if the auth_strategy uses a token or not.
          def uses_token_by_default?
            true
          end

          # Add some default params to the params hash.
          #
          # @param params [Hash] the original params hash.
          #
          # @return [Hash] the merged params hash.
          sig { params(params: T::Hash[T.untyped, T.untyped]).returns(T::Hash[T.untyped, T.untyped]) }
          def params(params)
            if params.key?(:redirect_uri)
              params.merge(client_id: self.credential.client_id,
                           client_secret: self.credential.client_secret
              )
            else
              params.merge(client_id: self.credential.client_id,
                           client_secret: self.credential.client_secret,
                           redirect_uri: self.credential.redirect_url
              )
            end
          end
        end
      end
    end
  end
end