import Keycloak from 'keycloak-js'

const keycloakConfig = {
  realm: import.meta.env.KC_REALMS,
  'auth-server-url': import.meta.env.KC_URL,
  'ssl-required': 'external',
  resource: 'edm',
  'public-client': true,
  'confidential-port': 0,
}
const keycloak = new Keycloak(keycloakConfig)

let init = false

export async function login(cb?: (...args: any[]) => void) {
  const auth = !init
    ? await keycloak
        .init({
          onLoad: 'login-required',
          responseMode: 'query',
          checkLoginIframe: false,
        })
        .catch((e) => console.dir(e))
    : await keycloak.login().catch((e) => console.dir(e))

  if (auth) init = true
  if (auth && cb) cb()
}

export async function logout() {
  await keycloak.logout()
}

export async function getToken() {
  await keycloak.updateToken(60).catch(() => login())
  return keycloak.token
}

export function getUsername(): string {
  return keycloak.tokenParsed?.preferred_username
}

export function getRole(): string[] {
  const decoded = keycloak.tokenParsed

  if (decoded && decoded.resource_access && decoded.azp) {
    return decoded.resource_access[decoded.azp].roles
  }

  return []
}

export function isLoggedIn() {
  return !!keycloak.token
}