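import crypto from "node:crypto";
import querystring from "querystring";

import axios from "axios";
import express from "express";
import pkceChallenge from "pkce-challenge";
import { v4 as uuidv4 } from "uuid";

/*
 * Minimal OAuth 2.0 authorization-code + PKCE client for the DATEV sandbox.
 *
 *   GET /auth/datev  starts the flow and redirects the browser to the
 *                    authorization endpoint.
 *   GET /            is the registered redirect URI; it validates the
 *                    callback and exchanges the code for tokens.
 *
 * An earlier commented-out client-oauth2 configuration was dropped here: it
 * was dead code and carried a second copy of the client secret.
 */

const app = express();

const AUTHORIZE_ENDPOINT = "https://login.datev.de/openidsandbox/authorize";
const TOKEN_ENDPOINT = "https://sandbox-api.datev.de/token";
const REDIRECT_URI = "http://localhost/";
const SCOPES = ["openid", "profile", "email"];

// How long a started login may stay unanswered, and how many may be pending
// at once. Both bound the memory an unauthenticated caller can make us hold.
const PENDING_TTL_MS = 10 * 60 * 1000;
const MAX_PENDING = 1000;

// NOTE(review): the fallback values are the sandbox credentials that were
// committed with this file. A client secret in source control has to be
// treated as disclosed: rotate it, supply both values through the
// environment (variable names below are this file's own choice), and delete
// the fallbacks.
const CLIENT_ID = process.env.DATEV_CLIENT_ID ?? "890ea22ce51666232e55c8ac3d73f51a";
const CLIENT_SECRET = process.env.DATEV_CLIENT_SECRET ?? "eaef5362ce153551ef0f3d5e061ab7da";
if (process.env.DATEV_CLIENT_SECRET === undefined) {
  console.warn("DATEV_CLIENT_SECRET is not set; using the credential embedded in source");
}

// state -> { codeVerifier, nonce }. Entries are single-use: the callback
// removes them on first lookup, and a timer removes abandoned ones.
// NOTE(review): state is only checked against this server-side table, it is
// not bound to the browser that started the flow. Tie it to a session cookie
// before relying on it as CSRF protection.
const pendingRequests = new Map();

/**
 * Starts the authorization-code flow.
 *
 * Generates a fresh state, nonce and PKCE pair for this attempt, remembers
 * the verifier and nonce under the state, and redirects to the authorization
 * endpoint.
 */
app.get("/auth/datev", async function (req, res) {
  if (pendingRequests.size >= MAX_PENDING) {
    res.status(503).send("too many pending logins");
    return;
  }

  let challenge;
  try {
    challenge = await pkceChallenge();
  } catch (err) {
    // Express 4 does not catch rejections from async handlers.
    console.error("PKCE challenge generation failed:", err.message);
    res.status(500).send("error");
    return;
  }

  const state = uuidv4();
  // A nonce has to be unpredictable and unique per request, otherwise it
  // cannot tie the returned id_token to this attempt. 20 random bytes as hex
  // keeps the 40-character length of the value used before.
  const nonce = crypto.randomBytes(20).toString("hex");

  pendingRequests.set(state, { codeVerifier: challenge.code_verifier, nonce });
  setTimeout(() => pendingRequests.delete(state), PENDING_TTL_MS).unref();

  const authorizeParams = {
    client_id: CLIENT_ID,
    redirect_uri: REDIRECT_URI,
    response_type: "code id_token",
    response_mode: "query",
    // Part of the encoded parameter set, so the separator is percent-encoded
    // here instead of relying on the redirect helper to do it.
    scope: SCOPES.join(" "),
    state,
    nonce,
    code_challenge: challenge.code_challenge,
    code_challenge_method: "S256",
  };

  res.redirect(`${AUTHORIZE_ENDPOINT}?${querystring.stringify(authorizeParams)}`);
});

/**
 * Redirect-URI handler: validates the callback and redeems the code.
 *
 * Responds 400 when the state is unknown, expired or already used, when the
 * authorization server reported an error, or when no code is present;
 * 502 when the token request fails; "ok" on success.
 */
app.get("/", async function (req, res) {
  const { state, code, error } = req.query;

  // Query values can be arrays or objects; only a plain string can match.
  const pending = typeof state === "string" ? pendingRequests.get(state) : undefined;
  if (pending === undefined) {
    res.status(400).send("invalid or expired state");
    return;
  }
  // Single use: a replayed callback must not find the verifier again.
  pendingRequests.delete(state);

  if (error !== undefined) {
    // JSON-encode the caller-supplied value so it cannot forge log lines.
    console.warn("authorization server returned an error:", JSON.stringify(error));
    res.status(400).send("authorization failed");
    return;
  }

  if (typeof code !== "string" || code === "") {
    res.status(400).send("missing authorization code");
    return;
  }

  // NOTE(review): with response_type "code id_token" the callback presumably
  // also carries an id_token. Its signature, issuer, audience and nonce
  // (against pending.nonce) must be verified with a JWT library before any
  // claim in it is trusted; that check is not implemented here.

  // Code, verifier and client credentials go in the form body and the
  // Authorization header, never in the URL, which ends up in proxy and
  // server logs. The secret is sent once, via HTTP Basic.
  // NOTE(review): confirm against the token endpoint's documentation that
  // Basic authentication alone is accepted.
  const tokenRequestBody = querystring.stringify({
    grant_type: "authorization_code",
    code,
    client_id: CLIENT_ID,
    redirect_uri: REDIRECT_URI,
    code_verifier: pending.codeVerifier,
  });
  const basicCredentials = Buffer.from(`${CLIENT_ID}:${CLIENT_SECRET}`).toString("base64");

  try {
    const tokenResponse = await axios.post(TOKEN_ENDPOINT, tokenRequestBody, {
      headers: {
        "Authorization": `Basic ${basicCredentials}`,
        "Content-Type": "application/x-www-form-urlencoded",
      },
      timeout: 10000,
    });
    // Tokens are credentials: log the outcome, not the payload.
    console.log("token exchange succeeded with status", tokenResponse.status);
  } catch (err) {
    // err.config holds the Authorization header, so only the status and
    // message are logged.
    console.error("token exchange failed:", err.response?.status ?? "no response", err.message);
    res.status(502).send("token exchange failed");
    return;
  }

  res.send("ok");
});

app.listen(80);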