using ZB.MOM.WW.MxGateway.Server.Security.Authentication;

namespace ZB.MOM.WW.MxGateway.Server.Security.Authorization;

public sealed class GatewayRequestIdentityAccessor : IGatewayRequestIdentityAccessor
{
    private readonly AsyncLocal<ApiKeyIdentity?> currentIdentity = new();

    /// <inheritdoc />
    public ApiKeyIdentity? Current => currentIdentity.Value;

    /// <inheritdoc />
    public IDisposable Push(ApiKeyIdentity identity)
    {
        ArgumentNullException.ThrowIfNull(identity);

        ApiKeyIdentity? previousIdentity = currentIdentity.Value;
        currentIdentity.Value = identity;

        return new IdentityScope(this, previousIdentity);
    }

    private sealed class IdentityScope(
        GatewayRequestIdentityAccessor accessor,
        ApiKeyIdentity? previousIdentity) : IDisposable
    {
        private bool disposed;

        /// <summary>Restores the previous identity.</summary>
        public void Dispose()
        {
            if (disposed)
            {
                return;
            }

            accessor.currentIdentity.Value = previousIdentity;
            disposed = true;
        }
    }
}