using System.Security.Cryptography.X509Certificates;
using StellaOps.Zastava.Webhook.Configuration;

namespace StellaOps.Zastava.Webhook.Certificates;

/// <summary>
/// Placeholder implementation for CSR-based certificate provisioning.
/// </summary>
public sealed class CsrCertificateSource : IWebhookCertificateSource
{
    private readonly ILogger<CsrCertificateSource> _logger;

    public CsrCertificateSource(ILogger<CsrCertificateSource> logger)
    {
        _logger = logger;
    }

    public bool CanHandle(ZastavaWebhookTlsMode mode) => mode == ZastavaWebhookTlsMode.CertificateSigningRequest;

    public X509Certificate2 LoadCertificate(ZastavaWebhookTlsOptions options)
    {
        _logger.LogError("CSR certificate mode is not implemented yet. Configuration requested CSR mode.");
        throw new NotSupportedException("CSR certificate provisioning is not implemented (tracked by ZASTAVA-WEBHOOK-12-101).");
    }
}