<?php

namespace App\Module\OAuth\Repositories;

use App\Module\OAuth\Models\OAuthAccessToken;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Entities\Traits\AccessTokenTrait;
use League\OAuth2\Server\Entities\Traits\EntityTrait;
use League\OAuth2\Server\Entities\Traits\TokenEntityTrait;

class AccessTokenRepository implements AccessTokenRepositoryInterface
{
    public function getNewToken(
        ClientEntityInterface $clientEntity,
        array $scopes,
        $userIdentifier = null
    ) {
        return new class($clientEntity, $scopes, $userIdentifier) implements AccessTokenEntityInterface {
            use AccessTokenTrait, EntityTrait, TokenEntityTrait;

            public function __construct($clientEntity, $scopes, $userIdentifier = null)
            {
                $this->setClient($clientEntity);
                foreach ($scopes as $scope) {
                    $this->addScope($scope);
                }
                if ($userIdentifier) {
                    $this->setUserIdentifier($userIdentifier);
                }
            }
        };
    }

    public function persistNewAccessToken(AccessTokenEntityInterface $accessTokenEntity)
    {
        OAuthAccessToken::create([
            'client_id' => $accessTokenEntity->getClient()->getIdentifier(),
            'user_id' => $accessTokenEntity->getUserIdentifier(),
            'access_token' => $accessTokenEntity->getIdentifier(),
            'expires_at' => $accessTokenEntity->getExpiryDateTime(),
            'scope' => array_map(function ($scope) {
                return $scope->getIdentifier();
            }, $accessTokenEntity->getScopes()),
        ]);
    }

    public function revokeAccessToken($tokenId)
    {
        OAuthAccessToken::where('access_token', $tokenId)->delete();
    }

    public function isAccessTokenRevoked($tokenId)
    {
        return !OAuthAccessToken::where('access_token', $tokenId)
            ->where('expires_at', '>', now())
            ->exists();
    }
}