<?php
/**
 * Akeeba WebPush
 *
 * An abstraction layer for easier implementation of WebPush in Joomla components.
 *
 * @copyright (c) 2022 Akeeba Ltd
 * @license       GNU GPL v3 or later; see LICENSE.txt
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace Akeeba\WebPush\WebPush;

use Base64Url\Base64Url;
use Joomla\CMS\Http\Http as HttpClient;
use Joomla\CMS\Http\HttpFactory;
use Joomla\CMS\Uri\Uri;
use Laminas\Diactoros\Request;
use Laminas\Diactoros\StreamFactory;
use function count;

/**
 * This class is a derivative work based on the WebPush library by Louis Lagrange. It has been modified to only use
 * dependencies shipped with Joomla itself and must not be confused with the original work.
 *
 * You can find the original code at https://github.com/web-push-libs
 *
 * The original code came with the following copyright notice:
 *
 * =====================================================================================================================
 *
 * This file is part of the WebPush library.
 *
 * (c) Louis Lagrange <lagrange.louis@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE-LAGRANGE.txt
 * file that was distributed with this source code.
 *
 * =====================================================================================================================
 */
class WebPush
{
	/**
	 * @var array
	 */
	protected $auth;

	/**
	 * @var int Automatic padding of payloads, if disabled, trade security for bandwidth
	 */
	protected $automaticPadding = Encryption::MAX_COMPATIBILITY_PAYLOAD_LENGTH;

	/**
	 * @var HttpClient
	 */
	protected $client;

	/**
	 * @var array Default options : TTL, urgency, topic, batchSize
	 */
	protected $defaultOptions;

	/**
	 * @var null|array Array of array of Notifications
	 */
	protected $notifications;

	/**
	 * @var bool Reuse VAPID headers in the same flush session to improve performance
	 */
	protected $reuseVAPIDHeaders = false;

	/**
	 * @var array Dictionary for VAPID headers cache
	 */
	protected $vapidHeaders = [];

	/**
	 * WebPush constructor.
	 *
	 * @param   array     $auth            Some servers needs authentication
	 * @param   array     $defaultOptions  TTL, urgency, topic, batchSize
	 * @param   int|null  $timeout         Timeout of POST request
	 *
	 * @throws \ErrorException
	 */
	public function __construct(array $auth = [], array $defaultOptions = [], ?int $timeout = 30, array $clientOptions = [])
	{
		$extensions = [
			'curl'     => '[WebPush] curl extension is not loaded but is required. You can fix this in your php.ini.',
			'mbstring' => '[WebPush] mbstring extension is not loaded but is required for sending push notifications with payload or for VAPID authentication. You can fix this in your php.ini.',
			'openssl'  => '[WebPush] openssl extension is not loaded but is required for sending push notifications with payload or for VAPID authentication. You can fix this in your php.ini.',
		];
		$phpVersion = phpversion();
		if ($phpVersion && version_compare($phpVersion, '7.3.0', '<'))
		{
			$extensions['gmp'] = '[WebPush] gmp extension is not loaded but is required for sending push notifications with payload or for VAPID authentication. You can fix this in your php.ini.';
		}
		foreach ($extensions as $extension => $message)
		{
			if (!extension_loaded($extension))
			{
				trigger_error($message, E_USER_WARNING);
			}
		}

		if (ini_get('mbstring.func_overload') >= 2)
		{
			trigger_error("[WebPush] mbstring.func_overload is enabled for str* functions. You must disable it if you want to send push notifications with payload or use VAPID. You can fix this in your php.ini.", E_USER_NOTICE);
		}

		if (isset($auth['VAPID']))
		{
			$auth['VAPID'] = VAPID::validate($auth['VAPID']);
		}

		$this->auth = $auth;

		$this->setDefaultOptions($defaultOptions);

		if (!array_key_exists('timeout', $clientOptions) && isset($timeout))
		{
			$clientOptions['timeout'] = $timeout;
		}

		$this->client = HttpFactory::getHttp($clientOptions);
	}

	public function countPendingNotifications(): int
	{
		return null !== $this->notifications ? count($this->notifications) : 0;
	}

	/**
	 * Flush notifications. Triggers the requests.
	 *
	 * @param   null|int  $batchSize  Defaults the value defined in defaultOptions during instantiation (which defaults
	 *                                to 1000).
	 *
	 * @return \Generator|MessageSentReport[]
	 * @throws \ErrorException
	 */
	public function flush(?int $batchSize = null): \Generator
	{
		if (empty($this->notifications))
		{
			yield from [];

			return;
		}

		if (null === $batchSize)
		{
			$batchSize = $this->defaultOptions['batchSize'];
		}

		$batches = array_chunk($this->notifications, $batchSize);

		// reset queue
		$this->notifications = [];

		foreach ($batches as $batch)
		{
			// for each endpoint server type
			$requests = $this->prepare($batch);

			foreach ($requests as $request)
			{
				try
				{
					// So, this SHOULD work, but it doesn't because of a Joomla Framework bug. HARD MODE ENGAGED.
					//$response = $this->client->sendRequest($request);

					$httpMethod = strtolower($request->getMethod());

					$headers = array_map(
						function ($values)
						{
							if (!is_array($values))
							{
								return $values;
							}

							return implode(' ', $values);
						},
						$request->getHeaders()
					);

					$timeout = $this->client->getOption('timeout', 10);

					switch ($httpMethod)
					{
						case 'options':
						case 'head':
						case 'get':
						case 'trace':
						default:
							$response = $this->client->{$httpMethod}(new Uri($request->getUri()), $headers, $timeout);
							break;

						case 'post':
						case 'put':
						case 'delete':
						case 'patch':
						$response = $this->client->{$httpMethod}(new Uri($request->getUri()), $request->getBody()->getContents(), $headers, $timeout);
							break;
					}

					$success  = $response->getStatusCode() >= 200 && $response->getStatusCode() < 400;
					$reason   = $success ? 'OK' : (strip_tags($response->body) ?: $response->getReasonPhrase());

					yield new MessageSentReport($request, $response, $success, $reason);
				}
				catch (\Exception $e)
				{
					yield new MessageSentReport($request, $response, false, $e->getMessage());
				}
			}
		}

		if ($this->reuseVAPIDHeaders)
		{
			$this->vapidHeaders = [];
		}
	}

	/**
	 * @return int
	 */
	public function getAutomaticPadding()
	{
		return $this->automaticPadding;
	}

	/**
	 * @param   int|bool  $automaticPadding  Max padding length
	 *
	 * @throws \Exception
	 */
	public function setAutomaticPadding($automaticPadding): WebPush
	{
		if ($automaticPadding > Encryption::MAX_PAYLOAD_LENGTH)
		{
			throw new \Exception('Automatic padding is too large. Max is ' . Encryption::MAX_PAYLOAD_LENGTH . '. Recommended max is ' . Encryption::MAX_COMPATIBILITY_PAYLOAD_LENGTH . ' for compatibility reasons (see README).');
		}
		elseif ($automaticPadding < 0)
		{
			throw new \Exception('Padding length should be positive or zero.');
		}
		elseif ($automaticPadding === true)
		{
			$this->automaticPadding = Encryption::MAX_COMPATIBILITY_PAYLOAD_LENGTH;
		}
		elseif ($automaticPadding === false)
		{
			$this->automaticPadding = 0;
		}
		else
		{
			$this->automaticPadding = $automaticPadding;
		}

		return $this;
	}

	public function getDefaultOptions(): array
	{
		return $this->defaultOptions;
	}

	/**
	 * @param   array  $defaultOptions  Keys 'TTL' (Time To Live, defaults 4 weeks), 'urgency', 'topic', 'batchSize'
	 *
	 * @return WebPush
	 */
	public function setDefaultOptions(array $defaultOptions)
	{
		$this->defaultOptions['TTL']       = $defaultOptions['TTL'] ?? 2419200;
		$this->defaultOptions['urgency']   = $defaultOptions['urgency'] ?? null;
		$this->defaultOptions['topic']     = $defaultOptions['topic'] ?? null;
		$this->defaultOptions['batchSize'] = $defaultOptions['batchSize'] ?? 1000;

		return $this;
	}

	/**
	 * @return bool
	 */
	public function getReuseVAPIDHeaders()
	{
		return $this->reuseVAPIDHeaders;
	}

	/**
	 * Reuse VAPID headers in the same flush session to improve performance
	 *
	 * @return WebPush
	 */
	public function setReuseVAPIDHeaders(bool $enabled)
	{
		$this->reuseVAPIDHeaders = $enabled;

		return $this;
	}

	public function isAutomaticPadding(): bool
	{
		return $this->automaticPadding !== 0;
	}

	/**
	 * Queue a notification. Will be sent when flush() is called.
	 *
	 * @param   string|null  $payload  If you want to send an array or object, json_encode it
	 * @param   array        $options  Array with several options tied to this notification. If not set, will use the
	 *                                 default options that you can set in the WebPush object
	 * @param   array        $auth     Use this auth details instead of what you provided when creating WebPush
	 *
	 * @throws \ErrorException
	 */
	public function queueNotification(SubscriptionInterface $subscription, ?string $payload = null, array $options = [], array $auth = []): void
	{
		if (isset($payload))
		{
			if (Utils::safeStrlen($payload) > Encryption::MAX_PAYLOAD_LENGTH)
			{
				throw new \ErrorException('Size of payload must not be greater than ' . Encryption::MAX_PAYLOAD_LENGTH . ' octets.');
			}

			$contentEncoding = $subscription->getContentEncoding();
			if (!$contentEncoding)
			{
				throw new \ErrorException('Subscription should have a content encoding');
			}

			$payload = Encryption::padPayload($payload, $this->automaticPadding, $contentEncoding);
		}

		if (array_key_exists('VAPID', $auth))
		{
			$auth['VAPID'] = VAPID::validate($auth['VAPID']);
		}

		$this->notifications[] = new Notification($subscription, $payload, $options, $auth);
	}

	/**
	 * @param   string|null  $payload  If you want to send an array or object, json_encode it
	 * @param   array        $options  Array with several options tied to this notification. If not set, will use the
	 *                                 default options that you can set in the WebPush object
	 * @param   array        $auth     Use this auth details instead of what you provided when creating WebPush
	 *
	 * @throws \ErrorException
	 */
	public function sendOneNotification(SubscriptionInterface $subscription, ?string $payload = null, array $options = [], array $auth = []): MessageSentReport
	{
		$this->queueNotification($subscription, $payload, $options, $auth);

		return $this->flush()->current();
	}

	/**
	 * @return array
	 * @throws \ErrorException
	 */
	protected function getVAPIDHeaders(string $audience, string $contentEncoding, array $vapid)
	{
		$vapidHeaders = null;

		$cache_key = null;
		if ($this->reuseVAPIDHeaders)
		{
			$cache_key = implode('#', [$audience, $contentEncoding, crc32(serialize($vapid))]);
			if (array_key_exists($cache_key, $this->vapidHeaders))
			{
				$vapidHeaders = $this->vapidHeaders[$cache_key];
			}
		}

		if (!$vapidHeaders)
		{
			$vapidHeaders = VAPID::getVapidHeaders($audience, $vapid['subject'], $vapid['publicKey'], $vapid['privateKey'], $contentEncoding);
		}

		if ($this->reuseVAPIDHeaders)
		{
			$this->vapidHeaders[$cache_key] = $vapidHeaders;
		}

		return $vapidHeaders;
	}

	/**
	 * @return Request[]
	 * @throws \ErrorException
	 *
	 */
	protected function prepare(array $notifications): array
	{
		$requests = [];
		foreach ($notifications as $notification)
		{
			\assert($notification instanceof Notification);
			$subscription    = $notification->getSubscription();
			$endpoint        = $subscription->getEndpoint();
			$userPublicKey   = $subscription->getPublicKey();
			$userAuthToken   = $subscription->getAuthToken();
			$contentEncoding = $subscription->getContentEncoding();
			$payload         = $notification->getPayload();
			$options         = $notification->getOptions($this->getDefaultOptions());
			$auth            = $notification->getAuth($this->auth);

			if (!empty($payload) && !empty($userPublicKey) && !empty($userAuthToken))
			{
				if (!$contentEncoding)
				{
					throw new \ErrorException('Subscription should have a content encoding');
				}

				$encrypted      = Encryption::encrypt($payload, $userPublicKey, $userAuthToken, $contentEncoding);
				$cipherText     = $encrypted['cipherText'];
				$salt           = $encrypted['salt'];
				$localPublicKey = $encrypted['localPublicKey'];

				$headers = [
					'Content-Type'     => 'application/octet-stream',
					'Content-Encoding' => $contentEncoding,
				];

				if ($contentEncoding === "aesgcm")
				{
					$headers['Encryption'] = 'salt=' . Base64Url::encode($salt);
					$headers['Crypto-Key'] = 'dh=' . Base64Url::encode($localPublicKey);
				}

				$encryptionContentCodingHeader = Encryption::getContentCodingHeader($salt, $localPublicKey, $contentEncoding);
				$content                       = $encryptionContentCodingHeader . $cipherText;

				$headers['Content-Length'] = (string) Utils::safeStrlen($content);
			}
			else
			{
				$headers = [
					'Content-Length' => '0',
				];

				$content = '';
			}

			$headers['TTL'] = $options['TTL'];

			if (isset($options['urgency']))
			{
				$headers['Urgency'] = $options['urgency'];
			}

			if (isset($options['topic']))
			{
				$headers['Topic'] = $options['topic'];
			}

			if (array_key_exists('VAPID', $auth) && $contentEncoding)
			{
				$audience = parse_url($endpoint, PHP_URL_SCHEME) . '://' . parse_url($endpoint, PHP_URL_HOST);
				if (!parse_url($audience))
				{
					throw new \ErrorException('Audience "' . $audience . '"" could not be generated.');
				}

				$vapidHeaders = $this->getVAPIDHeaders($audience, $contentEncoding, $auth['VAPID']);

				$headers['Authorization'] = $vapidHeaders['Authorization'];

				if ($contentEncoding === 'aesgcm')
				{
					if (array_key_exists('Crypto-Key', $headers))
					{
						$headers['Crypto-Key'] .= ';' . $vapidHeaders['Crypto-Key'];
					}
					else
					{
						$headers['Crypto-Key'] = $vapidHeaders['Crypto-Key'];
					}
				}
			}

			$streamFactory = new StreamFactory();

			$requests[] = new Request($endpoint, 'POST', $streamFactory->createStream($content), $headers);
		}

		return $requests;
	}
}