use serde::{Deserialize, Serialize};

use super::InstanceAuthenticated;

/// An authentication message.
///
/// View request documentation, authentication, and authorization
/// details in the associated type, [`AuthenticationRequest`].
#[derive(Clone, Serialize, Deserialize)]
pub enum AuthenticationMessage {
    Request(AuthenticationRequest),
    Response(AuthenticationResponse),
}

#[derive(Clone, Serialize, Deserialize)]
pub enum AuthenticationRequest {
    /// An account registration request.
    ///
    /// # Authentication
    /// - Instance Authentication
    ///   - **ONLY ACCEPTED WHEN SAME-INSTANCE**
    RegisterAccount(InstanceAuthenticated<RegisterAccountRequest>),

    /// An authentication token request.
    ///
    /// AKA Login Request
    ///
    /// # Authentication
    /// - Instance Authentication
    ///   - **ONLY ACCEPTED WHEN SAME-INSTANCE**
    ///   - Identifies the Instance to issue the token for
    /// # Authorization
    /// - Credentials ([`crate::backend::AuthBackend`]-based)
    ///   - Identifies the User account to issue a token for
    ///   - Decrypts user private key to issue to
    AuthenticationToken(InstanceAuthenticated<AuthenticationTokenRequest>),

    /// An authentication token extension request.
    ///
    /// # Authentication
    /// - Instance Authentication
    ///   - **ONLY ACCEPTED WHEN SAME-INSTANCE**
    ///   - Identifies the Instance to issue the token for
    /// # Authorization
    /// - Token-based
    ///   - Validates authorization using token's authenticity
    TokenExtension(InstanceAuthenticated<TokenExtensionRequest>),
}

#[derive(Clone, Serialize, Deserialize)]
pub enum AuthenticationResponse {
    RegisterAccount(RegisterAccountResponse),
    AuthenticationToken(AuthenticationTokenResponse),
    TokenExtension(TokenExtensionResponse),
}

/// See [`AuthenticationRequest::RegisterAccount`]'s documentation.
#[derive(Clone, Serialize, Deserialize)]
pub struct RegisterAccountRequest {
    pub username: String,
    pub email: Option<String>,
    pub password: String,
}

#[derive(Clone, Debug, Serialize, Deserialize)]
pub struct RegisterAccountResponse {
    pub token: String,
}

/// See [`AuthenticationRequest::AuthenticationToken`]'s documentation.
#[derive(Clone, Serialize, Deserialize)]
pub struct AuthenticationTokenRequest {
    pub secret_key: String,
    pub username: String,
    pub password: String,
}

#[derive(Clone, Serialize, Deserialize)]
pub struct AuthenticationTokenResponse {
    pub token: String,
}

/// See [`AuthenticationRequest::TokenExtension`]'s documentation.
#[derive(Clone, Serialize, Deserialize)]
pub struct TokenExtensionRequest {
    pub secret_key: String,
    pub token: String,
}

#[derive(Clone, Serialize, Deserialize)]
pub struct TokenExtensionResponse {
    pub new_token: Option<String>,
}