using DigitalData.Core.Abstractions.Security;
using Microsoft.IdentityModel.Tokens;
using System.Security.Cryptography;

namespace DigitalData.Core.Security.RSAKey
{
    public class RSAPrivateKey : RSAKeyBase, IAsymmetricPrivateKey, IAsymmetricKey
    {
        private string? _pem;

        public override string Content
        {
#pragma warning disable CS8603 // Possible null reference return.
            get => _pem;
#pragma warning restore CS8603 // Possible null reference return.
            init
            {
                _pem = value;
                Init();
            }
        }

        public bool IsPemNull => _pem is null;

        public bool IsEncrypted { get; init; }

        private readonly Lazy<IAsymmetricPublicKey> _lazyPublicKey;

        public IAsymmetricPublicKey PublicKey => _lazyPublicKey.Value;

        public RSAPrivateKey()
        {
            _lazyPublicKey = new(() => new RSAPublicKey()
            {
                Content = RSA.ExportRSAPublicKeyPem()
            });
        }

        internal void SetPem(string pem)
        {
            _pem = pem;
            Init();
        }

        private void Init()
        {
            if (string.IsNullOrEmpty(_pem))
                throw PemIsNullException;

            if (IsEncrypted)
                RSA.ImportFromEncryptedPem(Content, Secrets.PBE_PASSWORD.AsSpan());
            else
                RSA.ImportFromPem(Content);
        }

        private InvalidOperationException PemIsNullException => new($"Content is null or empty. Issuer: {Issuer}, Audience: {Audience}.");
    }
}