using DigitalData.Core.Abstractions.Security;
using DigitalData.Core.Security.Config;
using DigitalData.Core.Security.RSAKey;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
 
namespace DigitalData.Core.Security
{
    public class Cryptograph : RSAFactory<CryptographParams>, ICryptograph, IAsymmetricKeyFactory
    {
        public IEnumerable<IAsymmetricDecryptor> Decryptors { get; }
        
        /// <summary>
        /// It is a separate decryptor for permanently stored encrypted data. It is assigned to the first Default decryptor by default.
        /// </summary>
        public IAsymmetricDecryptor VaultDecryptor { get; }

        private readonly Lazy<IEnumerable<IAsymmetricPublicKey>> _lazyPublicKeys;

        public IEnumerable<IAsymmetricPublicKey> PublicKeys => _lazyPublicKeys.Value;

        public IEnumerable<PrivateKeyTokenDescriptor> TokenDescriptions { get; init; } = new List<PrivateKeyTokenDescriptor>();

        public Cryptograph(IOptions<CryptographParams> options, ILogger<Cryptograph>? logger = null) : base(options)
        {
            logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy"));

            if (!_params.Decryptors.Any())
                throw new InvalidOperationException(
                    "Any decryptor is not found. Ensure that at least one decryptor is configured in the provided parameters. " +
                    "This issue typically arises if the configuration for decryptors is incomplete or missing. " +
                    "Check the 'Decryptors' collection in the configuration and verify that it contains valid entries."
                );

            Decryptors = _params.Decryptors;

            VaultDecryptor = _params.VaultDecryptor ?? Decryptors.First();

            _lazyPublicKeys = new(Decryptors.Select(decryptor => decryptor.PublicKey));
        }
    }
}