import type { DeviceRegistrationManifest } from '../../domain/device-registration-manifest.js'
import type { Services } from '../../services/mod.js'
import type { Result } from '../../framework/types/result.js'

import {
  isError,
  makeError,
  unwrapResult,
} from '../../framework/types/result.js'
import { EncryptError } from '../../services/crypto/mod.js'

import { decodeDeviceRegistrationManifest } from '../../domain/device-registration-manifest.js'

export interface EncryptDto {
  manifest: DeviceRegistrationManifest
  contents: string
}

interface Options {
  deps: {
    services: Services
  }
}

export function buildEncrypt(options: Options) {
  return async function encrypt(
    dto: EncryptDto,
  ): Promise<Result<EncryptError, string>> {
    const { services } = options.deps

    const decodeDeviceRegistrationManifestResult =
      decodeDeviceRegistrationManifest(dto.manifest)

    if (isError(decodeDeviceRegistrationManifestResult)) {
      return makeError(
        new EncryptError(
          'Unable to encrypt contents, because the given registration manifest is malformed',
        ),
      )
    }

    const manifest = unwrapResult(decodeDeviceRegistrationManifestResult)

    return await services.crypto.encrypt({
      publicJwk: manifest.encryption.keypair.publicKey,
      contents: dto.contents,
    })
  }
}

export type { EncryptError }