package be.simplenotes.domain.security

import be.simplenotes.shared.config.JwtConfig
import com.auth0.jwt.JWT
import com.auth0.jwt.JWTVerifier
import com.auth0.jwt.algorithms.Algorithm
import java.util.*
import java.util.concurrent.TimeUnit

internal const val userIdField = "i"
internal const val usernameField = "u"

class SimpleJwt(jwtConfig: JwtConfig) {
    private val validityInMs = TimeUnit.MILLISECONDS.convert(jwtConfig.validity, jwtConfig.timeUnit)
    private val algorithm = Algorithm.HMAC256(jwtConfig.secret)

    val verifier: JWTVerifier = JWT.require(algorithm).build()
    fun sign(jwtPayload: JwtPayload): String = JWT.create()
        .withClaim(userIdField, jwtPayload.userId)
        .withClaim(usernameField, jwtPayload.username)
        .withExpiresAt(getExpiration())
        .sign(algorithm)

    private fun getExpiration() = Date(System.currentTimeMillis() + validityInMs)
}