namespace ZB.MOM.WW.MxGateway.Server.Security.Authentication;

public sealed class ApiKeyParser : IApiKeyParser
{
    private const string BearerPrefix = "Bearer ";
    private const string TokenPrefix = "mxgw_";

    /// <summary>Attempts to parse a Bearer token from an Authorization header and extract the API key ID and secret.</summary>
    /// <param name="authorizationHeader">Authorization header value to parse.</param>
    /// <param name="apiKey">Parsed API key with ID and secret, or null if parsing failed.</param>
    /// <returns>True if the header was successfully parsed; otherwise, false.</returns>
    public bool TryParseAuthorizationHeader(string? authorizationHeader, out ParsedApiKey? apiKey)
    {
        apiKey = null;

        if (string.IsNullOrWhiteSpace(authorizationHeader)
            || !authorizationHeader.StartsWith(BearerPrefix, StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }

        string token = authorizationHeader[BearerPrefix.Length..].Trim();

        if (!token.StartsWith(TokenPrefix, StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }

        string keyPayload = token[TokenPrefix.Length..];
        int separatorIndex = keyPayload.IndexOf('_', StringComparison.Ordinal);

        if (separatorIndex <= 0 || separatorIndex == keyPayload.Length - 1)
        {
            return false;
        }

        string keyId = keyPayload[..separatorIndex];
        string secret = keyPayload[(separatorIndex + 1)..];

        if (string.IsNullOrWhiteSpace(keyId) || string.IsNullOrWhiteSpace(secret))
        {
            return false;
        }

        apiKey = new ParsedApiKey(keyId, secret);

        return true;
    }
}