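using Amazon.KeyManagementService.Model;
using System;
using System.Threading;
using System.Threading.Tasks;
using static StellaOps.Localization.T;

namespace StellaOps.Cryptography.Kms;

/// <summary>
/// Read-only lookups against AWS KMS: key metadata and public key material.
/// The client, time provider, <c>MapStatus</c> and <c>ResolveCurve</c> are declared
/// in other parts of this partial class.
/// </summary>
internal sealed partial class AwsKmsFacade
{
    /// <summary>
    /// Describes a KMS key and maps the response to <see cref="AwsKeyMetadata"/>.
    /// </summary>
    /// <param name="keyId">Key identifier passed unchanged to DescribeKey; must not be null or blank.</param>
    /// <param name="cancellationToken">Token forwarded to the AWS client call.</param>
    /// <returns>
    /// The key id, the key ARN (falling back to the key id, then to <paramref name="keyId"/>),
    /// the creation time in UTC and the mapped key state.
    /// </returns>
    /// <exception cref="ArgumentException"><paramref name="keyId"/> is null, empty or whitespace.</exception>
    /// <exception cref="InvalidOperationException">The response carried no key metadata.</exception>
    /// <remarks>
    /// Exceptions raised by the AWS client are not caught here and reach the caller unchanged.
    /// </remarks>
    public async Task<AwsKeyMetadata> GetMetadataAsync(string keyId, CancellationToken cancellationToken)
    {
        ArgumentException.ThrowIfNullOrWhiteSpace(keyId);

        var request = new DescribeKeyRequest
        {
            KeyId = keyId,
        };

        var response = await _client.DescribeKeyAsync(request, cancellationToken).ConfigureAwait(false);

        var metadata = response.KeyMetadata
            ?? throw new InvalidOperationException(_t("crypto.kms.key_not_found", keyId));

        // A missing creation date is replaced by the current time, so the returned
        // value is not proof of key age.
        // NOTE(review): confirm no rotation or key-age policy relies on this field.
        var createdAt = metadata.CreationDate?.ToUniversalTime() ?? _timeProvider.GetUtcNow();

        var resolvedKeyId = metadata.KeyId ?? keyId;
        var resolvedArn = metadata.Arn ?? metadata.KeyId ?? keyId;

        // The key state is only mapped here, not enforced.
        // NOTE(review): presumably callers reject keys that are not enabled before signing; verify.
        return new AwsKeyMetadata(
            resolvedKeyId,
            resolvedArn,
            createdAt,
            MapStatus(metadata.KeyState));
    }

    /// <summary>
    /// Downloads the public half of an asymmetric KMS key.
    /// </summary>
    /// <param name="keyResource">Key identifier passed unchanged to GetPublicKey; must not be null or blank.</param>
    /// <param name="cancellationToken">Token forwarded to the AWS client call.</param>
    /// <returns>
    /// The key id, a version id, the resolved curve and a copy of the public key bytes
    /// (AWS documents these as a DER-encoded SubjectPublicKeyInfo).
    /// </returns>
    /// <exception cref="ArgumentException"><paramref name="keyResource"/> is null, empty or whitespace.</exception>
    /// <exception cref="InvalidOperationException">The response carried no public key.</exception>
    /// <remarks>
    /// Exceptions raised by the AWS client are not caught here and reach the caller unchanged.
    /// </remarks>
    public async Task<AwsPublicKeyMaterial> GetPublicKeyAsync(string keyResource, CancellationToken cancellationToken)
    {
        ArgumentException.ThrowIfNullOrWhiteSpace(keyResource);

        var request = new GetPublicKeyRequest
        {
            KeyId = keyResource,
        };

        var response = await _client.GetPublicKeyAsync(request, cancellationToken).ConfigureAwait(false);

        // Both identifiers come from the same response field, so the version id
        // always equals the key id.
        // NOTE(review): presumably because the response has no separate version identifier; confirm.
        var keyId = response.KeyId ?? keyResource;
        var versionId = response.KeyId ?? keyResource;
        var curve = ResolveCurve(response);

        // Fail with a clear error instead of a NullReferenceException when the
        // response has no key material; verification must never proceed on empty material.
        // NOTE(review): this message is not localized; route it through _t(...) once a resource key exists.
        var publicKey = response.PublicKey
            ?? throw new InvalidOperationException(
                $"AWS KMS returned no public key material for '{keyId}'.");

        return new AwsPublicKeyMaterial(keyId, versionId, curve, publicKey.ToArray());
    }
}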