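import secrets

from flask import Blueprint, render_template, request, redirect, url_for

from CTFd.utils.decorators import admins_only

from .models import db, OIDCClient, OIDCKey
from .crypto import generate_rsa_key
from .config import get_config, set_config

# Admin views for the OIDC plugin. Every route below is wrapped in
# @admins_only and lives under the /admin/oidc URL prefix.
oidc_admin_blueprint = Blueprint(
    "oidc_admin",
    __name__,
    url_prefix="/admin/oidc",
    template_folder="templates",
)


@oidc_admin_blueprint.route("/", methods=["GET"])
@admins_only
def index():
    """Render the overview page: clients, keys (newest first) and base URL."""
    clients = OIDCClient.query.all()
    keys = OIDCKey.query.order_by(OIDCKey.created.desc()).all()
    base_url = get_config("base_url", "")
    # NOTE(review): whole OIDCClient / OIDCKey rows are handed to the template,
    # so client_secret and private_pem are reachable from index.html. Confirm
    # the template only displays what an admin actually needs to see.
    # The keyword stays "baseUrl" because that is the name the template gets.
    return render_template(
        "index.html", clients=clients, keys=keys, baseUrl=base_url
    )


@oidc_admin_blueprint.route("/config", methods=["POST"])
@admins_only
def config():
    """Store the submitted ``base_url`` and return to the overview page.

    A request without a ``base_url`` form field is rejected by Flask with
    400 Bad Request (the ``request.form[...]`` lookup raises).
    """
    # NOTE(review): the value is saved exactly as submitted, with no scheme or
    # host validation. If it ends up in issuer / endpoint URLs handed to
    # relying parties (not visible here), consider requiring an absolute
    # https URL before saving.
    set_config("base_url", request.form["base_url"])
    return redirect(url_for("oidc_admin.index"))


@oidc_admin_blueprint.route("/clients", methods=["POST"])
@admins_only
def clients():
    """Register a client and create an RSA key bound to its ``client_id``.

    ``client_id`` and ``redirect_uris`` come from the form; the client secret
    and the key id are random values from the ``secrets`` module. Client and
    key are written in a single commit.
    """
    # NOTE(review): redirect_uris is stored as the raw form string. Nothing
    # here validates it, so the authorization endpoint has to compare the
    # requested redirect_uri against the registered values exactly - confirm.
    client = OIDCClient(
        client_id=request.form["client_id"],
        client_secret=secrets.token_urlsafe(32),
        redirect_uris=request.form["redirect_uris"],
    )
    db.session.add(client)

    private_pem, public_pem = generate_rsa_key()
    # NOTE(review): the private key PEM (and the client secret above) are
    # persisted as plain text, so anyone with read access to the database or
    # its backups can read them. Confirm that fits the deployment's threat
    # model, or protect them at rest.
    oidc_key = OIDCKey(
        kid=secrets.token_urlsafe(16),
        private_pem=private_pem.decode(),
        public_pem=public_pem.decode(),
        client_id=client.client_id,
    )
    db.session.add(oidc_key)

    db.session.commit()
    return redirect(url_for("oidc_admin.index"))


# The rule needs the <client_id> placeholder: the view takes client_id as a
# required argument, and with the rule "/clients//delete" Flask has no value
# to pass, so the view could not be called with its argument.
# NOTE(review): no converter is given (string default); switch to
# <int:client_id> if the primary key of OIDCClient is an integer.
@oidc_admin_blueprint.route("/clients/<client_id>/delete", methods=["POST"])
@admins_only
def delete_client(client_id):
    """Delete the client whose primary key is ``client_id``; 404 if absent."""
    client = OIDCClient.query.get_or_404(client_id)
    # NOTE(review): only the OIDCClient row is deleted here. Whether its
    # OIDCKey rows (with their private keys) go too depends on cascade rules
    # in the models, which are not visible here - verify.
    db.session.delete(client)
    db.session.commit()
    return redirect(url_for("oidc_admin.index"))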