from services.clients.abstract_key_management import \
    AbstractKeyManagementClient, IKey, KEY_TYPE_ATTR, KEY_STD_ATTR, \
    HASH_TYPE_ATTR, HASH_STD_ATTR, SIG_SCHEME_ATTR

from commons.constants import KEY_ID_ATTR, ALGORITHM_ATTR, VALUE_ATTR, \
    B64ENCODED_ATTR
from commons.log_helper import get_logger
from base64 import standard_b64encode
from typing import Optional

PUBLIC_KEY_ATTR = 'puk'
PRIVATE_KEY_ATTR = 'prk'
ALG_ATTR = 'alg'
KID_ATTR = 'kid'
FORMAT_ATTR = 'format'


_LOG = get_logger(__name__)


class ManagedKey:
    def __init__(self, kid: str, alg: str, key: IKey):
        self.kid = kid
        self.alg = alg
        self.key = key

    def export_key(self, frmt: str, base64encode: bool = False):
        try:
            value = self.key.export_key(format=frmt)
        except (TypeError, Exception) as e:
            _LOG.warning(f'Key:\'{self.kid}\' could not be exported into '
                         f'{frmt} format, due to: "{e}".')
            value = None

        base = {
            KEY_ID_ATTR: self.kid,
            ALGORITHM_ATTR: self.alg
        }

        pending = {}

        if value:
            pending[FORMAT_ATTR] = frmt
            pending[VALUE_ATTR] = value

        if pending[VALUE_ATTR] and base64encode:
            pending[B64ENCODED_ATTR] = True
            pending[VALUE_ATTR] = standard_b64encode(
                value if isinstance(value, bytes) else value.encode('utf-8')
            )
        elif pending[VALUE_ATTR] and not base64encode:
            pending[B64ENCODED_ATTR] = False

        if pending[VALUE_ATTR] and isinstance(value, bytes):

            try:
                pending[VALUE_ATTR] = value.decode()
            except (TypeError, Exception) as e:
                _LOG.warning(f'Key:\'{self.kid}\' could not be decoded into'
                             f' a string, due to: "{e}".')
                pending = {}

        base.update(pending)
        return base


class KeyPair:
    def __init__(self, prk: IKey, typ: str, std: str):
        self.prk: IKey = prk
        self.puk: IKey = prk.public_key()
        self.typ = typ
        self.std = std


class KeyManagementService:

    def __init__(
        self, key_management_client: AbstractKeyManagementClient
    ):
        self._key_management_client = key_management_client

    def get_key(self, kid: str, alg: str) -> Optional[ManagedKey]:
        _alg = alg
        alg = self._key_management_client.dissect_alg(alg=alg)
        if not alg:
            return

        # Retrieve type and standard data of a key, hash and signature scheme.
        key_type, key_std = map(
            alg.get, (KEY_TYPE_ATTR, KEY_STD_ATTR)
        )

        data = self._key_management_client.get_key_data(
            key_id=kid
        )
        if not data:
            return

        key = self._key_management_client.get_key(
            key_type=key_type, key_std=key_std, key_data=data
        )
        if key:
            return self.instantiate_managed_key(kid=kid, alg=_alg, key=key)

    def import_key(self, alg: str, key_value: str) -> Optional[IKey]:
        alg = self._key_management_client.dissect_alg(alg=alg)
        if not alg:
            return

        # Retrieve type and standard data of a key, hash and signature scheme.
        key_type, key_std, hash_type, hash_std, sig_scheme = map(
            alg.get, (
                KEY_TYPE_ATTR, KEY_STD_ATTR, HASH_TYPE_ATTR, HASH_STD_ATTR,
                SIG_SCHEME_ATTR
            )
        )

        if not self._key_management_client.is_signature_scheme_accessible(
            sig_scheme=sig_scheme, key_type=key_type, key_std=key_std,
            hash_type=hash_type, hash_std=hash_std
        ):
            return
        return self._key_management_client.construct(
            key_type=key_type, key_std=key_std, key_value=key_value
        )

    def import_key_pair(self, alg: str, private_key: str) -> Optional[KeyPair]:
        alg = self._key_management_client.dissect_alg(alg=alg)
        if not alg:
            return

        # Retrieve type and standard data of a key, hash and signature scheme.
        key_type, key_std, hash_type, hash_std, sig_scheme = map(
            alg.get, (
                KEY_TYPE_ATTR, KEY_STD_ATTR, HASH_TYPE_ATTR, HASH_STD_ATTR,
                SIG_SCHEME_ATTR
            )
        )

        if not self._key_management_client.is_signature_scheme_accessible(
            sig_scheme=sig_scheme, key_type=key_type, key_std=key_std,
            hash_type=hash_type, hash_std=hash_std
        ):
            return
        prk = self._key_management_client.construct(
            key_type=key_type, key_std=key_std, key_value=private_key
        )
        if prk:
            return KeyPair(prk=prk, typ=key_type, std=key_std)

    def create_key_pair(self, key_type: str, key_std: str) -> \
            Optional[KeyPair]:
        prk = self._key_management_client.generate(
            key_type=key_type, key_std=key_std
        )
        if not prk:
            return

        try:
            return KeyPair(prk=prk, typ=key_type, std=key_std)
        except (TypeError, Exception) as e:
            _LOG.warning(f'KeyPair of {key_type}:{key_std} standard'
                         f' could not be instantiated, due to "{e}".')
        return

    def derive_alg(
        self, key_type: str, key_std: str, hash_type: str, hash_std: str,
        sig_scheme: str
    ) -> Optional[str]:
        if self._key_management_client.is_signature_scheme_accessible(
            sig_scheme=sig_scheme, hash_type=hash_type, hash_std=hash_std,
            key_type=key_type, key_std=key_std
        ):
            return f'{key_type}:{key_std}_{sig_scheme}_{hash_type}:{hash_std}'

    @staticmethod
    def instantiate_managed_key(kid: str, alg: str, key: IKey):
        return ManagedKey(kid=kid, alg=alg, key=key)