import { z } from "zod";

/**
 * @see https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-11.html#name-credential-request
 */
export const credentialRequestSchema = (credentialTypesSupported: string[][]) =>
  z.object({
    format: z.union([z.literal("jwt_vc"), z.literal("jwt_vc_json")], {
      errorMap: () => ({
        message: 'Invalid literal value, expected "jwt_vc" or "jwt_vc_json"',
      }),
    }),
    proof: z.object({
      jwt: z.string(),
      proof_type: z.literal("jwt"),
    }),
    types: z
      .array(z.string())
      // Ensures that all the valid credential types are present
      .refine(
        (arr) =>
          credentialTypesSupported.some(
            (types) => arr.toString() === types.toString(),
          ),
        {
          message: `Array must match one of the supported lists of types: ${credentialTypesSupported.map((list) => JSON.stringify(list)).join(" or ")}`,
        },
      ),
  });

/**
 * @see https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-11.html#section-7.2.1
 */
export const credentialRequestProofPayloadSchema = z.object({
  aud: z.string().url(), // issuer mock URI
  iat: z.number(),
  iss: z.string().url(), // client_id URI
  nonce: z.string(),
});

/**
 * @see https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-11.html#section-7.2.1
 */
export const credentialRequestProofHeaderSchema = z.object({
  alg: z.string(),
  kid: z.string(),
  typ: z.literal("openid4vci-proof+jwt"),
});

export type CredentialRequest = z.infer<
  ReturnType<typeof credentialRequestSchema>
>;