/**
 * SaaS授权系统 - Kotlin/Android客户端
 *
 * 使用说明：
 * 1. 修改 API_KEY 为您的真实API密钥
 * 2. 在您的项目中引入此类
 * 3. 调用验证：client.verify("AUTH_CODE")
 *
 * 要求：Kotlin 1.4+ / Android API 21+ / JVM
 * 依赖：无（使用JDK内置HttpURLConnection或OkHttp）
 *
 * @author 授权系统
 * @version 1.0.0
 */

package com.kuio.authorization

import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.withContext
import org.json.JSONObject
import java.net.HttpURLConnection
import java.net.URL
import java.util.concurrent.ConcurrentHashMap

// ==================== 配置区 ====================

/**
 * SaaS授权验证客户端
 */
class AuthorizationClient(
    // API密钥（从开发者中心获取）
    // 网址：https://kuio.cn/user/developer
    var apiKey: String = "your_api_key_here",
    
    // API接口地址
    var baseUrl: String = "https://kuio.cn/api/saas",
    
    // 是否启用缓存
    var cacheEnabled: Boolean = true,
    
    // 缓存时长（毫秒），默认30分钟
    var cacheDurationMs: Long = 1800_000L
) {
    private val cache = ConcurrentHashMap<String, CacheItem>()
    
    // ==================== 核心方法 ====================
    
    /**
     * 验证授权（同步，带缓存）
     *
     * @param authCode 授权码
     * @param domain 域名（可选）
     * @param ip IP地址（可选）
     * @return AuthResult 验证结果
     */
    fun verify(authCode: String, domain: String? = null, ip: String? = null): AuthResult {
        // 1. 尝试从缓存读取
        if (cacheEnabled) {
            cache[authCode]?.let { cached ->
                if (System.currentTimeMillis() - cached.timestamp < cacheDurationMs) {
                    return AuthResult(
                        success = true,
                        message = "授权验证成功（缓存）",
                        data = cached.data,
                        fromCache = true
                    )
                }
                cache.remove(authCode)
            }
        }
        
        // 2. 调用API验证
        val result = verifyFromApi(authCode, domain, ip)
        
        // 3. 成功则写入缓存
        if (result.success && cacheEnabled) {
            cache[authCode] = CacheItem(result.data, System.currentTimeMillis())
        }
        
        return result
    }
    
    /**
     * 验证授权（协程/异步）
     */
    suspend fun verifyAsync(authCode: String, domain: String? = null, ip: String? = null): AuthResult =
        withContext(Dispatchers.IO) { verify(authCode, domain, ip) }
    
    /**
     * 从API验证授权（不使用缓存）
     */
    private fun verifyFromApi(authCode: String, domain: String?, ip: String?): AuthResult {
        return try {
            val url = URL("$baseUrl/verify")
            
            with(url.openConnection() as HttpURLConnection) {
                requestMethod = "POST"
                setRequestProperty("Content-Type", "application/json")
                setRequestProperty("X-API-Key", apiKey)
                setRequestProperty("User-Agent", "Kotlin-AuthClient/1.0")
                doOutput = true
                connectTimeout = 10_000
                readTimeout = 10_000
                
                // 构建请求体
                val bodyJson = JSONObject().apply {
                    put("authcode", authCode)
                    domain?.takeIf { it.isNotEmpty() }?.let { put("domain", it) }
                    ip?.takeIf { it.isNotEmpty() }?.let { put("ip", it) }
                }
                
                outputStream.write(bodyJson.toString().toByteArray(Charsets.UTF_8))
                
                if (responseCode == 200) {
                    val responseBody = inputStream.bufferedReader().readText()
                    val json = JSONObject(responseBody)
                    
                    if (json.optInt("code", -1) == 0) {
                        AuthResult(
                            success = true,
                            message = json.optString("msg", "授权验证成功"),
                            data = json.optString("data", "{}"),
                            fromCache = false
                        )
                    } else {
                        AuthResult(
                            success = false,
                            message = json.optString("msg", "授权验证失败"),
                            code = json.optInt("code", -1),
                            httpCode = responseCode
                        )
                    }
                } else {
                    val responseBody = errorStream?.bufferedReader()?.readText() ?: ""
                    val json = try { JSONObject(responseBody) } catch (e: Exception) { JSONObject() }
                    
                    AuthResult(
                        success = false,
                        message = json.optString("msg", "HTTP错误 $responseCode"),
                        code = json.optInt("code", -1),
                        httpCode = responseCode
                    )
                }
            }
        } catch (e: Exception) {
            AuthResult(success = false, message = "网络请求失败: ${e.message}")
        }
    }
    
    /**
     * 快速检查授权是否有效
     */
    fun check(authCode: String): Boolean = verify(authCode).success
    
    /**
     * 清除缓存
     */
    fun clearCache() = cache.clear()
}

// ==================== 数据结构 ====================

/**
 * 授权验证结果
 */
data class AuthResult(
    val success: Boolean,
    val message: String,
    val data: String = "",
    val fromCache: Boolean = false,
    val code: Int = 0,
    val httpCode: Int = 200
)

/**
 * 缓存项
 */
private data class CacheItem(val data: String, val timestamp: Long)

/*
// ========== 使用示例 ==========

import kotlinx.coroutines.*

fun main() = runBlocking {
    // 创建客户端
    val client = AuthorizationClient(apiKey = "your_api_key_here")

    // 示例1：基础验证
    val result = client.verify("ABC123XYZ")
    
    if (result.success) {
        println("✅ 授权验证成功！")
        println("消息：${result.message}")
        println("数据：${result.data}")
    } else {
        println("❌ 授权验证失败：${result.message}")
    }

    // 示例2：带域名的验证
    val result2 = client.verify("ABC123XYZ", domain = "example.com")

    // 示例3：快速检查
    if (client.check("CODE")) {
        println("✅ 授权有效")
    }

    // 示例4：异步调用（协程）
    launch(Dispatchers.Main) {
        val asyncResult = client.verifyAsync("CODE")
        println(asyncResult)
    }

    // 示例5：清除缓存
    client.clearCache()
}

// ========== Android中使用示例 ==========

class MainActivity : AppCompatActivity() {
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        
        val client = AuthorizationClient(apiKey = "your_api_key_here")
        
        lifecycleScope.launch(Dispatchers.IO) {
            val result = client.verify("AUTH_CODE")
            
            withContext(Dispatchers.Main) {
                if (result.success) {
                    showToast("✅ 授权已验证")
                } else {
                    showError("❌ ${result.message}")
                }
            }
        }
    }
}
*/