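using DigitalData.Core.Abstractions.Security;
using System.Security.Cryptography;
using System.Text.Json;

namespace DigitalData.Core.Security
{
    /// <summary>
    /// Base type for RSA helpers: holds the key as PEM text, the encryption padding,
    /// and optional issuer / audience / expiration / version metadata that is validated
    /// when it is assigned in an object initializer.
    /// </summary>
    /// <remarks>
    /// The validation errors raised here deliberately describe the instance by its
    /// non-secret metadata only. <see cref="Pem"/> is a public property, so serializing
    /// the whole object into an exception message would copy the key text into every
    /// log, crash report or API error response that surfaces the exception.
    /// </remarks>
    public class RSACryptographer : IRSACryptographer
    {
        /// <summary>
        /// Key material in PEM form. Treat it as sensitive: it must not be written to
        /// logs or exception messages.
        /// </summary>
        // NOTE(review): whether this is a public or a private key is decided by the
        // derived types, which are not visible here; the redaction is applied either way.
        public required virtual string Pem { get; init; }

        /// <summary>Padding used for RSA operations; defaults to OAEP with SHA-256.</summary>
        public RSAEncryptionPadding Padding { get; init; } = RSAEncryptionPadding.OaepSHA256;

        /// <summary>RSA instance made available to derived types.</summary>
        // NOTE(review): nothing in this class imports Pem into this instance or disposes
        // it; presumably derived types do both — confirm.
        protected virtual RSA RSA { get; } = RSA.Create();

        /// <summary>Optional issuer identifier associated with this key.</summary>
        public string? Issuer { get; init; }

        /// <summary>Optional audience identifier associated with this key.</summary>
        public string? Audience { get; init; }

        private DateOnly? _expiration;

        /// <summary>
        /// Optional expiration date. A date that is today or earlier is rejected on
        /// assignment; <c>null</c> is stored without a check.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// The assigned date is not after the current local date.
        /// </exception>
        public DateOnly? Expiration
        {
            get => _expiration;
            init
            {
                // The lifted comparison is false for null, so a missing expiration passes.
                // NOTE(review): "today" is taken from the machine's local clock
                // (DateTime.Now), so the cut-over moment depends on the host time zone.
                if (value <= DateOnly.FromDateTime(DateTime.Now))
                    throw new InvalidOperationException(
                        $"Cryptographer expiration date has already passed. Cryptographer: {DescribeWithoutKeyMaterial()}");

                _expiration = value;
            }
        }

        private Version? _version;

        /// <summary>
        /// Optional version tag. Only a value equal to <c>Secrets.Version</c> is accepted.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// The assigned value differs from <c>Secrets.Version</c>.
        /// </exception>
        public Version? Version
        {
            get => _version;
            init
            {
                // NOTE(review): an explicit null is rejected too unless Secrets.Version
                // is itself null — confirm that is intended.
                if (value != Secrets.Version)
                    throw new InvalidOperationException(
                        $"Cryptographer version ({value}) does not match the expected version ({Secrets.Version}). Cryptographer: {DescribeWithoutKeyMaterial()}");

                _version = value;
            }
        }

        /// <summary>Instances are created inside this assembly or by derived types.</summary>
        internal RSACryptographer() { }

        /// <summary>
        /// Builds the identifying text used in validation errors from non-secret
        /// metadata only; <see cref="Pem"/> is intentionally left out.
        /// </summary>
        /// <remarks>
        /// Called from init accessors, so properties that appear later in the object
        /// initializer are still unset (rendered as empty) at that point.
        /// </remarks>
        private string DescribeWithoutKeyMaterial()
            => $"{{ Issuer = {Issuer}, Audience = {Audience} }}";
    }
}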