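import { env } from '../../lib/env.js';
import { ProviderSecrets, ProviderType } from '../../core/types.js';
import { storage } from '../../lib/storage.js';

// Name of the storage collection that holds per-tenant provider credentials.
// NOTE(review): whether `storage` encrypts this collection at rest or restricts
// its file permissions is not visible from this file. Confirm against
// lib/storage and keep the file out of version control and backups that are
// readable by other tenants.
const SECRETS_FILE = 'provider-secrets.json';

/** One persisted credential set, keyed by the (tenantId, provider) pair. */
interface SecretsRecord {
  tenantId: string;
  provider: ProviderType;
  secrets: ProviderSecrets;
}

/**
 * Looks up and replaces provider credentials per tenant, backed by the
 * `provider-secrets.json` storage collection.
 *
 * Returned values are live credentials: callers should not log them or echo
 * them back in API responses.
 */
export class SecretsService {
  /**
   * Returns the credentials stored for `tenantId` and `provider`, falling back
   * to the deployment-wide values read from `env` when no record exists.
   *
   * @param provider - Provider whose credentials are requested.
   * @param tenantId - Tenant the credentials belong to.
   * @returns The tenant's stored secrets, or the env-derived defaults.
   */
  async getProviderSecrets(provider: ProviderType, tenantId: string): Promise<ProviderSecrets> {
    const records: SecretsRecord[] = await storage.readCollection(SECRETS_FILE);
    const record = records.find((item) => item.tenantId === tenantId && item.provider === provider);
    if (record) {
      return record.secrets;
    }

    // NOTE(review): every tenantId without a stored record, including an
    // unknown or mistyped one, resolves to these shared credentials. For
    // supabase the fallback is `env.supabaseServiceKey`, which by its name
    // looks like a service-role key. Confirm that callers authenticate and
    // authorize `tenantId` before calling, and that sharing the platform
    // credentials across tenants is intended rather than failing closed.
    const defaults: Record<ProviderType, ProviderSecrets> = {
      appwrite: {
        endpoint: env.appwriteEndpoint,
        apiKey: env.appwriteApiKey,
      },
      supabase: {
        endpoint: env.supabaseEndpoint,
        apiKey: env.supabaseServiceKey,
      },
    };
    return defaults[provider];
  }

  /**
   * Replaces the stored credentials for `tenantId` and `provider`, creating
   * the record when none exists, then writes the whole collection back.
   *
   * The previous secret is overwritten in place; no history is kept here.
   *
   * @param provider - Provider whose credentials are being replaced.
   * @param tenantId - Tenant the credentials belong to.
   * @param secrets - New credential set; stored as given, with no validation here.
   */
  async rotateProviderSecrets(
    provider: ProviderType,
    tenantId: string,
    secrets: ProviderSecrets,
  ): Promise<void> {
    // NOTE(review): this is a read-modify-write of the whole collection. Unless
    // `storage` serializes access (not visible here), two concurrent rotations
    // can overwrite each other and silently drop one tenant's update.
    const records: SecretsRecord[] = await storage.readCollection(SECRETS_FILE);
    const existing = records.find((item) => item.tenantId === tenantId && item.provider === provider);
    if (existing) {
      existing.secrets = secrets;
    } else {
      records.push({ tenantId, provider, secrets });
    }
    await storage.writeCollection(SECRETS_FILE, records);
  }
}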