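using Microsoft.AspNetCore.Authorization;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Prng;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using PrivaPub.ClientModels;
using System.Security.Cryptography.X509Certificates;
using Org.BouncyCastle.Math;
using PrivaPub.Models.User;
using System.Security.Claims;

namespace PrivaPub.Extensions
{
    /// <summary>
    /// Helper and extension methods for configuration lookup, authorization
    /// policies, request URLs, self-signed certificates and claim ranking.
    /// </summary>
    public static class Extensions
    {
        // Claim value that the policies below require; identical to the
        // lower-cased text of `true`.
        private const string ClaimTrue = "true";

        // Smaller RSA moduli and MD5-based signatures are no longer considered
        // secure, so the generated certificate uses these instead.
        private const int RsaKeyBits = 2048;
        private const string CertificateSignatureAlgorithm = "SHA256WithRSA";

        /// <summary>
        /// Reads <c>Serilog:WriteTo:[first child]:Args:databaseUrl</c> from configuration.
        /// </summary>
        /// <param name="configuration">Application configuration.</param>
        /// <returns>
        /// The configured value, or <c>null</c> when the <c>WriteTo</c> section has no
        /// children or the key is absent.
        /// </returns>
        public static string GetLogsConnectionString(this IConfiguration configuration) =>
            configuration.GetSection("Serilog")
                ?.GetSection("WriteTo")
                ?.GetChildren()
                // FirstOrDefault: an empty WriteTo section yields null instead of
                // an InvalidOperationException.
                ?.FirstOrDefault()
                ?.GetSection("Args")
                ?.GetSection("databaseUrl")
                ?.Value;

        /// <summary>
        /// Policy for administrators: an authenticated user holding the admin, user
        /// and moderator claims, each with the value "true".
        /// </summary>
        public static AuthorizationPolicy IsAdminPolicy() =>
            new AuthorizationPolicyBuilder()
                .RequireAuthenticatedUser()
                .RequireClaim(Policies.IsAdmin, ClaimTrue)
                .RequireClaim(Policies.IsUser, ClaimTrue)
                .RequireClaim(Policies.IsModerator, ClaimTrue)
                .Build();

        /// <summary>
        /// Policy for regular users: an authenticated user holding the user claim
        /// with the value "true".
        /// </summary>
        public static AuthorizationPolicy IsUserPolicy() =>
            new AuthorizationPolicyBuilder()
                .RequireAuthenticatedUser()
                .RequireClaim(Policies.IsUser, ClaimTrue)
                .Build();

        /// <summary>
        /// Policy for moderators: an authenticated user holding the user and
        /// moderator claims, each with the value "true".
        /// </summary>
        public static AuthorizationPolicy IsModeratorPolicy() =>
            new AuthorizationPolicyBuilder()
                .RequireAuthenticatedUser()
                .RequireClaim(Policies.IsUser, ClaimTrue)
                .RequireClaim(Policies.IsModerator, ClaimTrue)
                .Build();

        /// <summary>
        /// Returns <c>https://{Host}{Path}</c> for the current request.
        /// </summary>
        /// <remarks>
        /// The scheme is fixed to https and the host is taken from the request's
        /// Host header, which the client supplies. NOTE(review): if the result is
        /// stored, signed or sent to third parties, confirm that host filtering
        /// (AllowedHosts) or a configured public base URL constrains it.
        /// </remarks>
        public static string GetHostWithPath(this HttpContext httpContext) =>
            $"https://{httpContext.Request.Host}{httpContext.Request.Path}";

        /// <summary>
        /// Returns <c>https://{Host}</c> for the current request.
        /// </summary>
        /// <remarks>
        /// The host is taken from the request's Host header, which the client
        /// supplies. NOTE(review): confirm that host filtering (AllowedHosts)
        /// constrains it before using the value in links or identifiers.
        /// </remarks>
        public static string GetHost(this HttpContext httpContext) =>
            $"https://{httpContext.Request.Host}";

        /// <summary>
        /// Generates a fresh RSA key pair and a self-signed certificate for it.
        /// </summary>
        /// <param name="certName">
        /// Common name used for both subject and issuer. It is concatenated into a
        /// distinguished-name string, so pass a fixed, trusted value rather than
        /// user input.
        /// </param>
        /// <returns>
        /// The certificate as an <see cref="X509Certificate2"/>. It is built from the
        /// certificate alone, so the private key generated here is not attached.
        /// </returns>
        public static X509Certificate2 GetX509Certificate2(string certName)
        {
            // One CSPRNG for both the key pair and the serial number.
            var secureRandom = new SecureRandom(new CryptoApiRandomGenerator());

            var keyPairGenerator = new RsaKeyPairGenerator();
            keyPairGenerator.Init(new KeyGenerationParameters(secureRandom, RsaKeyBits));
            var keyPair = keyPairGenerator.GenerateKeyPair();

            var distinguishedName = new X509Name("CN=" + certName);
            // Serial numbers should be unpredictable; System.Random is not.
            var serialNumber = BigInteger.ProbablePrime(120, secureRandom);

            var certificateGenerator = new X509V3CertificateGenerator();
            certificateGenerator.SetSerialNumber(serialNumber);
            certificateGenerator.SetSubjectDN(distinguishedName);
            certificateGenerator.SetIssuerDN(distinguishedName);
            // NOTE(review): the certificate never expires; consider a bounded
            // lifetime with rotation.
            certificateGenerator.SetNotAfter(DateTime.MaxValue);
            // Back-dated by a week to tolerate clock skew; UTC so the encoded time
            // does not depend on the host's time zone.
            certificateGenerator.SetNotBefore(DateTime.UtcNow.AddDays(-7));
            certificateGenerator.SetSignatureAlgorithm(CertificateSignatureAlgorithm);
            certificateGenerator.SetPublicKey(keyPair.Public);

            var certificate = certificateGenerator.Generate(keyPair.Private);
            return new X509Certificate2(DotNetUtilities.ToX509Certificate(certificate));
        }

        /// <summary>
        /// Ranks the principal's policy claims and returns the highest one present.
        /// </summary>
        /// <param name="claimsPrincipal">Principal whose claims are inspected.</param>
        /// <returns>
        /// Admin, then moderator, then user, in that order of precedence. A principal
        /// with none of the claims set to true is reported as
        /// <see cref="UserPolicyType.IsUser"/>.
        /// </returns>
        /// <remarks>
        /// This only ranks claims; it does not authenticate or authorize. Access must
        /// still be gated by the authorization policies.
        /// </remarks>
        public static UserPolicyType GetHighestPolicy(this ClaimsPrincipal claimsPrincipal)
        {
            if (HasTrueClaim(claimsPrincipal, Policies.IsAdmin))
            {
                return UserPolicyType.IsAdmin;
            }

            if (HasTrueClaim(claimsPrincipal, Policies.IsModerator))
            {
                return UserPolicyType.IsModerator;
            }

            return UserPolicyType.IsUser;
        }

        // True only when the claim exists and parses as boolean true. A missing or
        // malformed claim counts as false instead of throwing from bool.Parse.
        private static bool HasTrueClaim(ClaimsPrincipal principal, string claimType) =>
            bool.TryParse(principal.FindFirstValue(claimType), out var isSet) && isSet;
    }
}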