import type { DeviceRegistrationManifest } from '../../domain/device-registration-manifest.js'
import type { Services } from '../../services/mod.js'
import type { Result } from '../../framework/types/result.js'

import {
  isError,
  makeError,
  unwrapResult,
} from '../../framework/types/result.js'
import { DecryptError } from '../../services/crypto/mod.js'

import { decodeDeviceRegistrationManifest } from '../../domain/device-registration-manifest.js'

export interface DecryptDto {
  manifest: DeviceRegistrationManifest
  encryptedContents: string
}

interface Options {
  deps: {
    services: Services
  }
}

export function buildDecrypt(options: Options) {
  return async function decrypt(
    dto: DecryptDto,
  ): Promise<Result<DecryptError, string>> {
    const { services } = options.deps

    const decodeDeviceRegistrationManifestResult =
      decodeDeviceRegistrationManifest(dto.manifest)

    if (isError(decodeDeviceRegistrationManifestResult)) {
      return makeError(
        new DecryptError(
          'Unable to decrypt contents, because the given registration manifest is malformed',
        ),
      )
    }

    const decodedDeviceRegistrationManifest = unwrapResult(
      decodeDeviceRegistrationManifestResult,
    )

    return await services.crypto.decrypt({
      privateJwk:
        decodedDeviceRegistrationManifest.encryption.keypair.privateKey,
      encryptedContents: dto.encryptedContents,
    })
  }
}

export type { DecryptError }