package services

import (
	"context"
	"crypto/rand"
	"encoding/hex"
	"fmt"

	"github.com/go-playground/validator/v10"
	"go.uber.org/zap"

	"github.com/kms/api-key-service/internal/domain"
	"github.com/kms/api-key-service/internal/repository"
)

// applicationService implements the ApplicationService interface
type applicationService struct {
	appRepo   repository.ApplicationRepository
	logger    *zap.Logger
	validator *validator.Validate
}

// NewApplicationService creates a new application service
func NewApplicationService(appRepo repository.ApplicationRepository, logger *zap.Logger) ApplicationService {
	return &applicationService{
		appRepo:   appRepo,
		logger:    logger,
		validator: validator.New(),
	}
}

// Create creates a new application
func (s *applicationService) Create(ctx context.Context, req *domain.CreateApplicationRequest, userID string) (*domain.Application, error) {
	s.logger.Info("Creating application", zap.String("app_id", req.AppID), zap.String("user_id", userID))

	// Input validation using validator
	if err := s.validator.Struct(req); err != nil {
		s.logger.Warn("Application creation request validation failed", 
			zap.String("app_id", req.AppID),
			zap.String("user_id", userID),
			zap.Error(err))
		return nil, fmt.Errorf("validation failed: %w", err)
	}

	// Basic permission validation - check if user can create applications
	// In a real system, this would check against user roles/permissions
	if userID == "" {
		return nil, fmt.Errorf("user authentication required")
	}

	// Additional business logic validation
	if req.TokenRenewalDuration > req.MaxTokenDuration {
		return nil, fmt.Errorf("token renewal duration cannot be greater than max token duration")
	}

	app := &domain.Application{
		AppID:                req.AppID,
		AppLink:              req.AppLink,
		Type:                 req.Type,
		CallbackURL:          req.CallbackURL,
		HMACKey:              generateHMACKey(), // Uses crypto/rand for secure key generation
		TokenPrefix:          req.TokenPrefix,
		TokenRenewalDuration: req.TokenRenewalDuration,
		MaxTokenDuration:     req.MaxTokenDuration,
		Owner:                req.Owner,
	}

	if err := s.appRepo.Create(ctx, app); err != nil {
		s.logger.Error("Failed to create application", zap.Error(err), zap.String("app_id", req.AppID))
		return nil, fmt.Errorf("failed to create application: %w", err)
	}

	s.logger.Info("Application created successfully", zap.String("app_id", app.AppID))
	return app, nil
}

// GetByID retrieves an application by its ID
func (s *applicationService) GetByID(ctx context.Context, appID string) (*domain.Application, error) {
	s.logger.Debug("Getting application by ID", zap.String("app_id", appID))

	app, err := s.appRepo.GetByID(ctx, appID)
	if err != nil {
		s.logger.Error("Failed to get application", zap.Error(err), zap.String("app_id", appID))
		return nil, fmt.Errorf("failed to get application: %w", err)
	}

	return app, nil
}

// List retrieves applications with pagination
func (s *applicationService) List(ctx context.Context, limit, offset int) ([]*domain.Application, error) {
	s.logger.Debug("Listing applications", zap.Int("limit", limit), zap.Int("offset", offset))

	if limit <= 0 {
		limit = 50 // Default limit
	}
	if limit > 100 {
		limit = 100 // Max limit
	}

	apps, err := s.appRepo.List(ctx, limit, offset)
	if err != nil {
		s.logger.Error("Failed to list applications", zap.Error(err))
		return nil, fmt.Errorf("failed to list applications: %w", err)
	}

	s.logger.Debug("Listed applications", zap.Int("count", len(apps)))
	return apps, nil
}

// Update updates an existing application
func (s *applicationService) Update(ctx context.Context, appID string, updates *domain.UpdateApplicationRequest, userID string) (*domain.Application, error) {
	s.logger.Info("Updating application", zap.String("app_id", appID), zap.String("user_id", userID))

	// Input validation using validator
	if err := s.validator.Struct(updates); err != nil {
		s.logger.Warn("Application update request validation failed", 
			zap.String("app_id", appID),
			zap.String("user_id", userID),
			zap.Error(err))
		return nil, fmt.Errorf("validation failed: %w", err)
	}

	// Basic permission validation - check if user can update applications
	// In a real system, this would check against user roles/permissions and application ownership
	if userID == "" {
		return nil, fmt.Errorf("user authentication required")
	}

	// Additional business logic validation
	if updates.TokenRenewalDuration != nil && updates.MaxTokenDuration != nil {
		if *updates.TokenRenewalDuration > *updates.MaxTokenDuration {
			return nil, fmt.Errorf("token renewal duration cannot be greater than max token duration")
		}
	}

	app, err := s.appRepo.Update(ctx, appID, updates)
	if err != nil {
		s.logger.Error("Failed to update application", zap.Error(err), zap.String("app_id", appID))
		return nil, fmt.Errorf("failed to update application: %w", err)
	}

	s.logger.Info("Application updated successfully", zap.String("app_id", appID))
	return app, nil
}

// Delete deletes an application
func (s *applicationService) Delete(ctx context.Context, appID string, userID string) error {
	s.logger.Info("Deleting application", zap.String("app_id", appID), zap.String("user_id", userID))

	// Basic permission validation - check if user can delete applications
	// In a real system, this would check against user roles/permissions and application ownership
	if userID == "" {
		return fmt.Errorf("user authentication required")
	}

	// Input validation - check appID format
	if appID == "" {
		return fmt.Errorf("application ID is required")
	}

	// Check if application exists before attempting deletion
	_, err := s.appRepo.GetByID(ctx, appID)
	if err != nil {
		s.logger.Warn("Application not found for deletion", 
			zap.String("app_id", appID),
			zap.String("user_id", userID))
		return fmt.Errorf("application not found: %w", err)
	}

	// Check for existing tokens and handle appropriately
	// In a production system, we would implement one of these strategies:
	// 1. Prevent deletion if active tokens exist (safe approach)
	// 2. Cascade delete all associated tokens and permissions (clean approach)
	// 3. Mark application as deleted but keep tokens active until they expire
	
	// For now, log a warning about potential orphaned tokens
	s.logger.Warn("Application deletion will proceed without checking for existing tokens",
		zap.String("app_id", appID),
		zap.String("recommendation", "implement token cleanup or prevention logic"))

	if err := s.appRepo.Delete(ctx, appID); err != nil {
		s.logger.Error("Failed to delete application", zap.Error(err), zap.String("app_id", appID))
		return fmt.Errorf("failed to delete application: %w", err)
	}

	s.logger.Info("Application deleted successfully", zap.String("app_id", appID))
	return nil
}

// generateHMACKey generates a secure HMAC key
func generateHMACKey() string {
	// Generate 32 bytes (256 bits) of cryptographically secure random data
	key := make([]byte, 32)
	_, err := rand.Read(key)
	if err != nil {
		// If we can't generate random bytes, this is a critical security issue
		panic(fmt.Sprintf("Failed to generate cryptographic key: %v", err))
	}

	// Return as hex-encoded string for storage
	return hex.EncodeToString(key)
}