package dialer

import (
	"context"
	"crypto/tls"
	"encoding/base64"
	"fmt"
	"net"
	"net/url"
)

func (d *Dialer) Auth() (string, bool) {
	url, _ := d.UpstreamURL()
	if url.User == nil {
		return "", false
	}

	username := url.User.Username()
	password, _ := url.User.Password()

	return base64.StdEncoding.EncodeToString(
		[]byte(username + ":" + password),
	), true
}

func (d *Dialer) Dial(ctx context.Context) (net.Conn, error) {
	dialer := &net.Dialer{}

	conn, err := dialer.DialContext(ctx, "tcp", d.dialURL.Host)
	if err != nil {
		return nil, fmt.Errorf("%w: %w (%w)", ErrDialer, ErrDial, err)
	}

	if d.dialURL.Scheme != "https" {
		return conn, nil
	}

	tlsConn := tls.Client(conn, &tls.Config{
		ServerName: d.dialURL.Hostname(),
		//nolint:gosec
		InsecureSkipVerify: d.app.Config().Upstream.InsecureTLS,
	})
	if err := tlsConn.HandshakeContext(ctx); err != nil {
		_ = conn.Close()

		return nil, fmt.Errorf("%w: %w (%w)", ErrDialer, ErrDial, err)
	}

	return tlsConn, nil
}

func (d *Dialer) UpstreamURL() (*url.URL, error) {
	if d.app.Config().Upstream.URL == "" {
		return nil, fmt.Errorf(
			"%w: %w (%s)", ErrDialer, ErrUpstreamURL,
			"upstream URL is empty",
		)
	}

	upstreamURL, err := url.Parse(d.app.Config().Upstream.URL)
	if err != nil {
		return nil, fmt.Errorf(
			"%w: %w (%w)", ErrDialer, ErrUpstreamURL, err,
		)
	}

	return upstreamURL, nil
}