package op

import (
	"net/http"
	"time"

	"github.com/gorilla/csrf"
	"github.com/gorilla/mux"
	"github.com/spf13/viper"
)

func NewOIDCServer(oidc_handler *OIDCHandler, cfg *viper.Viper) error {
	var (
		dev_env = cfg.GetBool("dev_env")
		address = "0.0.0.0:" + cfg.GetString("services.oidc_provider.port")
		//csrf_key = cfg.GetString("services.oidc_provider.csrf_key")
	)

	router := mux.NewRouter()
	router.HandleFunc("/{namespace}/auth", oidc_handler.AuthEndpoint)
	router.HandleFunc("/{namespace}/token", oidc_handler.TokenEndpoint)
	router.HandleFunc("/{namespace}/introspect", oidc_handler.IntrospectionEndpoint)
	router.HandleFunc("/{namespace}/userinfo", oidc_handler.UserinfoEndpoint)
	router.HandleFunc("/{namespace}/.well-known/openid-configuration", oidc_handler.WellKnownOIDCEndpoint)
	router.HandleFunc("/{namespace}/.well-known/jwks.json", oidc_handler.WellKnownJWKSEndpoint)

	if dev_env {
		csrf.Secure(false)
	}

	srv := &http.Server{
		Handler:      router,
		Addr:         address,
		WriteTimeout: 15 * time.Second,
		ReadTimeout:  15 * time.Second,
	}
	err := srv.ListenAndServe()

	return err
}