#!/bin/bash

# OAuth Provider Configuration Generator
# This script helps you generate a valid JSON configuration for OAuth providers

set -e

# Provider definitions as JSON
# To add a new provider, add an entry to this JSON array
PROVIDERS_JSON='[
  {
    "type": "Keycloak",
    "fields": [
      {"name": "baseUrl", "prompt": "Base URL (e.g., '\''https://sso.example.com'\'')"},
      {"name": "realm", "prompt": "Realm (e.g., '\''my-realm'\'')"},
      {"name": "clientID", "prompt": "Client ID"},
      {"name": "clientSecret", "prompt": "Client Secret"}
    ]
  }
]'

# Reads common provider-agnostic configuration
read_general_config() {
    read -p "Name (unique identifier, e.g., 'SSO'): " name
    read -p "Display Name (e.g., 'Company SSO'): " display_name

    # Escape for JSON and export for caller
    name=$(printf '%s' "$name" | jq -Rs .)
    display_name=$(printf '%s' "$display_name" | jq -Rs .)

    echo "$name|$display_name"
}

# Reads provider-specific configuration based on JSON field definitions
# $1: JSON array of fields
read_provider_config() {
    local fields_json="$1"
    local json_fields=""

    local field_count=$(echo "$fields_json" | jq 'length')
    for ((i=0; i<field_count; i++)); do
        local field_name=$(echo "$fields_json" | jq -r ".[$i].name")
        local prompt=$(echo "$fields_json" | jq -r ".[$i].prompt")

        read -p "$prompt: " value
        value=$(printf '%s' "$value" | jq -Rs .)

        # Add comma only if not the last field
        if [ $i -lt $((field_count - 1)) ]; then
            json_fields+="  \"$field_name\": $value,"$'\n'
        else
            json_fields+="  \"$field_name\": $value"$'\n'
        fi
    done

    echo "$json_fields"
}

echo "=== OAuth Provider Configuration Generator ==="
echo ""

# Array to store multiple provider configurations
configs=()

# Get provider count
provider_count=$(echo "$PROVIDERS_JSON" | jq 'length')

while true; do
    echo "Select OAuth Provider:"

    # List all providers
    for ((i=0; i<provider_count; i++)); do
        provider_type=$(echo "$PROVIDERS_JSON" | jq -r ".[$i].type")
        echo "$((i+1))) $provider_type"
    done

    echo "0) Done (generate JSON)"
    read -p "Choice: " provider_choice

    if [ "$provider_choice" == "0" ]; then
        break
    fi

    if [ "$provider_choice" -ge 1 ] && [ "$provider_choice" -le "$provider_count" ]; then
        provider_index=$((provider_choice-1))
        provider_type=$(echo "$PROVIDERS_JSON" | jq -r ".[$provider_index].type")
        fields_json=$(echo "$PROVIDERS_JSON" | jq ".[$provider_index].fields")

        echo ""
        echo "--- $provider_type Configuration ---"

        # Read general config
        general_config=$(read_general_config)
        IFS='|' read -r name display_name <<< "$general_config"

        # Read provider-specific config
        provider_fields=$(read_provider_config "$fields_json")

        # Build JSON object
        config=$(cat <<EOF
{
  "type": "$provider_type",
  "name": $name,
  "displayName": $display_name,
$provider_fields}
EOF
        )

        configs+=("$config")
        echo ""
        echo "✓ $provider_type provider added"
        echo ""
    else
        echo "Invalid choice. Please try again."
        echo ""
    fi
done

if [ ${#configs[@]} -eq 0 ]; then
    echo "No providers configured. Exiting."
    exit 0
fi

echo ""
echo "=== Generated OAuth Configuration ==="
echo ""

# Build JSON array
json="["
for i in "${!configs[@]}"; do
    json+="${configs[$i]}"
    if [ $i -lt $((${#configs[@]} - 1)) ]; then
        json+=","
    fi
done
json+="]"

# Compact JSON output (one line, no pretty printing)
echo "$json" | jq -c .

echo ""
echo "Copy the JSON above and paste it into your settings for 'OAuthProviders'"