package applications

import (
	"cwtch.im/tapir"
	"cwtch.im/tapir/primitives/privacypass"
	"encoding/json"
	"git.openprivacy.ca/openprivacy/libricochet-go/log"
)

// TokenApplication provides Tokens for PoW
type TokenApplication struct {
	TranscriptApp
	TokenService *privacypass.TokenServer
	Tokens       []*privacypass.Token
}

// HasTokensCapability is granted once the client has obtained signed tokens
const HasTokensCapability = tapir.Capability("HasTokensCapability")

// NewInstance should always return a new instantiation of the application.
func (powapp *TokenApplication) NewInstance() tapir.Application {
	app := new(TokenApplication)
	app.TokenService = powapp.TokenService
	return app
}

// Init is run when the connection is first started.
func (powapp *TokenApplication) Init(connection tapir.Connection) {
	powapp.Transcript().NewProtocol("token-app")
	log.Debugf(powapp.Transcript().OutputTranscriptToAudit())
	if connection.IsOutbound() {
		tokens, blinded := privacypass.GenerateBlindedTokenBatch(10)
		data, _ := json.Marshal(blinded)
		connection.Send(data)
		var signedBatch privacypass.SignedBatchWithProof
		err := json.Unmarshal(connection.Expect(), &signedBatch)
		if err == nil {
			verified := privacypass.UnblindSignedTokenBatch(tokens, blinded, signedBatch.SignedTokens, powapp.TokenService.Y, signedBatch.Proof, powapp.Transcript())
			if verified {
				log.Debugf("Successfully obtained signed tokens")
				powapp.Tokens = tokens
				connection.SetCapability(HasTokensCapability)
				return
			}
			log.Debugf("Failed to verify signed token batch")
		}
	} else {
		var blinded []privacypass.BlindedToken
		err := json.Unmarshal(connection.Expect(), &blinded)
		if err == nil {
			batchProof := powapp.TokenService.SignBlindedTokenBatch(blinded, powapp.Transcript())
			log.Debugf(powapp.Transcript().OutputTranscriptToAudit())
			data, _ := json.Marshal(batchProof)
			connection.Send(data)
			return
		}
	}
}