<?php

namespace app\controller;

use app\service\GoogleOAuthService;
use support\Request;
use support\Response;
use DI\Annotation\Inject;

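/**
 * HTTP endpoints for the Google OAuth 2.0 authorization-code flow.
 *
 * Every action answers with the JSON envelope built by successResponse() /
 * errorResponse(): `code`, `msg`, `data`.
 *
 * Security notes for maintainers:
 *  - The `state` check on the callback is not implemented (see handleCallback()
 *    and getRefreshToken()), so an authorization code is accepted without
 *    proof that this browser session started the flow.
 *  - Token material (including any refresh token returned by the service) is
 *    echoed back in the HTTP response body. Confirm that the caller really
 *    needs it; a refresh token is a long-lived credential.
 */
class OAuthController
{

    /**
     * Service instance provided by the DI container.
     *
     * @Inject
     * @var GoogleOAuthService
     */
    private $googleOAuthService;


    /**
     * Return the Google consent-screen URL the client should be redirected to.
     *
     * @return Response JSON envelope with `data.url`.
     */
    public function getAuthCode()
    {
        $authUrl = $this->googleOAuthService->getAuthUrl();

        return $this->successResponse([
            'url' => $authUrl,
        ]);
    }


    /**
     * OAuth redirect endpoint: exchange the authorization code for tokens.
     *
     * @param Request $request Must carry a non-empty string `code` parameter.
     * @return Response The token set on success, or a 400 envelope when `code`
     *                  is missing.
     */
    public function handleCallback(Request $request)
    {
        // NOTE(review): `state` validation is disabled here. Without it the
        // callback cannot tell a response to a flow this session started from
        // one that was injected (login CSRF / authorization-code injection).
        // Restore it by comparing the returned `state` with the per-session
        // value issued together with the auth URL, using hash_equals(). A
        // fixed literal shared by all users is not a substitute. How
        // getAuthUrl() generates or stores `state` is not visible from this
        // file and needs to be confirmed first.
        $code = $this->stringInput($request, 'code');
        if ($code === null) {
            // Reject early instead of sending an empty or non-string value
            // to the token endpoint.
            return $this->errorResponse(400, 'Missing code parameter');
        }

        $googleOAuthService = new GoogleOAuthService();
        $tokens             = $googleOAuthService->getRefreshToken($code);

        return $this->successResponse($tokens);
    }

    /**
     * Exchange an authorization code for tokens and persist the refresh token
     * when the service returns one.
     *
     * @param Request $request Must carry a non-empty string `code` parameter.
     * @return Response The token set on success, or a 400 envelope when `code`
     *                  is missing.
     */
    public function getRefreshToken(Request $request)
    {
        // NOTE(review): same missing `state` validation as handleCallback().
        $authCode = $this->stringInput($request, 'code');
        if ($authCode === null) {
            return $this->errorResponse(400, 'Missing code parameter');
        }

        $googleOAuthService = new GoogleOAuthService();
        $tokens             = $googleOAuthService->getRefreshToken($authCode);

        // No refresh token in the reply: nothing to store, return what the
        // service gave us.
        if (!isset($tokens['refresh_token'])) {
            return $this->successResponse($tokens);
        }

        // Persist the refresh token.
        // NOTE(review): the token is saved without a user identifier (an
        // earlier variant passed $request->user_id). Confirm how the stored
        // token is bound to the account that granted consent.
        $googleOAuthService->saveRefreshToken($tokens['refresh_token'], $tokens['access_token']);

        return $this->successResponse($tokens);
    }

    /**
     * Obtain a new access token from a refresh token.
     *
     * @param Request $request Must carry a non-empty string `refresh_token`.
     * @return Response Envelope with `data.access_token`, or a 400 envelope
     *                  when the parameter is missing.
     */
    public function useRefreshToken(Request $request)
    {
        // NOTE(review): the refresh token comes straight from the request, so
        // this endpoint acts on whatever token the client presents. Confirm
        // that the route is authenticated.
        $refreshToken = $this->stringInput($request, 'refresh_token');
        if ($refreshToken === null) {
            return $this->errorResponse(400, 'Missing refresh_token parameter');
        }

        $googleOAuthService = new GoogleOAuthService();
        $newAccessToken     = $googleOAuthService->useRefreshToken($refreshToken);

        return $this->successResponse(['access_token' => $newAccessToken]);
    }

    /**
     * Revoke the token passed in the `token` parameter.
     *
     * @param Request $request Must carry a non-empty string `token`
     *                         (the original code labels it an access token).
     * @return Response Envelope with `data.deleted`, or a 400 envelope when
     *                  the parameter is missing.
     */
    public function revokeRefreshToken(Request $request)
    {
        $accessToken = $this->stringInput($request, 'token');
        if ($accessToken === null) {
            return $this->errorResponse(400, 'Missing token parameter');
        }

        $googleOAuthService = new GoogleOAuthService();
        $googleOAuthService->revokeToken($accessToken);

        // NOTE(review): the result of revokeToken() is not inspected, so
        // 'success' is reported whenever the call returns.
        return $this->successResponse(['deleted' => 'success']);
    }


    // Shared response helpers.

    /**
     * Build the success envelope (`code` 0, `msg` "ok").
     *
     * @param mixed $data Payload placed under `data`.
     */
    protected function successResponse($data): Response
    {
        return Json([
            'code' => 0,
            'msg' => 'ok',
            'data' => $data,
        ]);
    }

    /**
     * Build an error envelope.
     *
     * @param mixed $code    Application error code placed under `code`.
     * @param mixed $message Message; falls back to "error" when empty.
     * @param mixed $data    Optional payload, defaults to an empty array.
     */
    protected function errorResponse($code, $message, $data = []): Response
    {
        return Json([
            'code' => $code,
            'msg' => $message ?: 'error',
            'data' => $data
        ]);
    }

    /**
     * Read a request parameter and return it only when it is a non-empty
     * string; arrays, nulls and empty strings yield null.
     */
    private function stringInput(Request $request, string $name): ?string
    {
        $value = $request->input($name);

        return is_string($value) && $value !== '' ? $value : null;
    }

}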