# Copyright 2014, Google Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
#     * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#     * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following disclaimer
# in the documentation and/or other materials provided with the
# distribution.
#     * Neither the name of Google Inc. nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

require 'multi_json'

module Google
  module Auth
    # Representation of an application's identity for user authorization
    # flows.
    class ClientId
      INSTALLED_APP = 'installed'
      WEB_APP = 'web'
      CLIENT_ID = 'client_id'
      CLIENT_SECRET = 'client_secret'
      MISSING_TOP_LEVEL_ELEMENT_ERROR =
        "Expected top level property 'installed' or 'web' to be present."

      # Text identifier of the client ID
      # @return [String]
      attr_reader :id

      # Secret associated with the client ID
      # @return [String]
      attr_reader :secret

      class << self
        attr_accessor :default
      end

      # Initialize the Client ID
      #
      # @param [String] id
      #  Text identifier of the client ID
      # @param [String] secret
      #  Secret associated with the client ID
      # @note Direction instantion is discouraged to avoid embedding IDs
      #       & secrets in source. See {#from_file} to load from
      #       `client_secrets.json` files.
      def initialize(id, secret)
        fail 'Client id can not be nil' if id.nil?
        fail 'Client secret can not be nil' if secret.nil?
        @id = id
        @secret = secret
      end

      # Constructs a Client ID from a JSON file downloaed from the
      # Google Developers Console.
      #
      # @param [String, File] file
      #  Path of file to read from
      # @return [Google::Auth::ClientID]
      def self.from_file(file)
        fail 'File can not be nil.' if file.nil?
        File.open(file.to_s) do |f|
          json = f.read
          config = MultiJson.load(json)
          from_hash(config)
        end
      end

      # Constructs a Client ID from a previously loaded JSON file. The hash
      # structure should
      # match the expected JSON format.
      #
      # @param [hash] config
      #  Parsed contents of the JSON file
      # @return [Google::Auth::ClientID]
      def self.from_hash(config)
        fail 'Hash can not be nil.' if config.nil?
        raw_detail = config[INSTALLED_APP] || config[WEB_APP]
        fail MISSING_TOP_LEVEL_ELEMENT_ERROR if raw_detail.nil?
        ClientId.new(raw_detail[CLIENT_ID], raw_detail[CLIENT_SECRET])
      end
    end
  end
end