// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.

package uplink

import (
	"context"
	"time"

	"github.com/zeebo/errs"
	"go.uber.org/zap"

	"storj.io/common/identity"
	"storj.io/common/memory"
	"storj.io/common/peertls/tlsopts"
	"storj.io/common/rpc"
	"storj.io/storj/uplink/metainfo"
	"storj.io/storj/uplink/metainfo/kvmetainfo"
)

const defaultUplinkDialTimeout = 20 * time.Second

// Config represents configuration options for an Uplink
type Config struct {
	// Volatile groups config values that are likely to change semantics
	// or go away entirely between releases. Be careful when using them!
	Volatile struct {
		// Log is the logger to use for uplink components
		Log *zap.Logger

		// TLS defines options that affect TLS negotiation for outbound
		// connections initiated by this uplink.
		TLS struct {
			// SkipPeerCAWhitelist determines whether to require all
			// remote hosts to have identity certificates signed by
			// Certificate Authorities in the default whitelist. If
			// set to true, the whitelist will be ignored.
			SkipPeerCAWhitelist bool

			// PeerCAWhitelistPath gives the path to a CA cert
			// whitelist file. It is ignored if SkipPeerCAWhitelist
			// is set. If empty, the internal default peer whitelist
			// is used.
			PeerCAWhitelistPath string
		}

		// PeerIDVersion is the identity versions remote peers to this node
		// will be supported by this node.
		PeerIDVersion string

		// MaxInlineSize determines whether the uplink will attempt to
		// store a new object in the satellite's metainfo. Objects at
		// or below this size will be marked for inline storage, and
		// objects above this size will not. (The satellite may reject
		// the inline storage and require remote storage, still.)
		MaxInlineSize memory.Size

		// MaxMemory is the default maximum amount of memory to be
		// allocated for read buffers while performing decodes of
		// objects. (This option is overrideable per Bucket if the user
		// so desires.) If set to zero, the library default (4 MiB) will
		// be used. If set to a negative value, the system will use the
		// smallest amount of memory it can.
		MaxMemory memory.Size

		// PartnerID is the identity given to the partner for value
		// attribution.
		//
		// Deprecated: prefer UserAgent
		PartnerID string

		// UserAgent for the product using the library.
		UserAgent string

		// DialTimeout is the maximum time to wait connecting to another node.
		// If not set, the library default (20 seconds) will be used.
		DialTimeout time.Duration

		// PBKDFConcurrency is the passphrase-based key derivation function
		// concurrency to use.
		// WARNING: changing this value fundamentally changes how keys are
		// derived. Keys generated with one value will not be the same keys
		// as generated with other values! Leaving this at the default is
		// highly recommended.
		//
		// Unfortunately, up to version v0.26.2, we automatically set this to the
		// number of CPU cores your processor had. If you are having trouble
		// decrypting data uploaded with v0.26.2 or older, you may need to set
		// this value to the number of cores your computer had at the time
		// you entered a passphrase.
		//
		// Otherwise, this value should be left at the default value of 0
		// (which means to use the internal default).
		PBKDFConcurrency int
	}
}

func (cfg *Config) clone() *Config {
	clone := *cfg
	return &clone
}

func (cfg *Config) setDefaults(ctx context.Context) error {
	if cfg.Volatile.MaxInlineSize == 0 {
		cfg.Volatile.MaxInlineSize = 4 * memory.KiB
	}
	if cfg.Volatile.MaxMemory.Int() == 0 {
		cfg.Volatile.MaxMemory = 4 * memory.MiB
	} else if cfg.Volatile.MaxMemory.Int() < 0 {
		cfg.Volatile.MaxMemory = 0
	}
	if cfg.Volatile.Log == nil {
		cfg.Volatile.Log = zap.NewNop()
	}
	if cfg.Volatile.DialTimeout.Seconds() == 0 {
		cfg.Volatile.DialTimeout = defaultUplinkDialTimeout
	}
	if cfg.Volatile.PBKDFConcurrency == 0 {
		// WARNING: if this default value changes, the root keys of every user will change.
		// So, don't change this without sufficiently good reason.
		// some other argon2 wrapper libraries have chosen 8 as the default, so
		// we do here.
		cfg.Volatile.PBKDFConcurrency = 8
	}
	if cfg.Volatile.PBKDFConcurrency < 0 || cfg.Volatile.PBKDFConcurrency >= 256 {
		return errs.New("Invalid value for PBKDFConcurrency (must fit in a uint8)")
	}
	return nil
}

// Uplink represents the main entrypoint to Storj V3. An Uplink connects to
// a specific Satellite and caches connections and resources, allowing one to
// create sessions delineated by specific access controls.
type Uplink struct {
	ident  *identity.FullIdentity
	dialer rpc.Dialer
	cfg    *Config
}

// NewUplink creates a new Uplink. This is the first step to create an uplink
// session with a user specified config or with default config, if nil config
func NewUplink(ctx context.Context, cfg *Config) (_ *Uplink, err error) {
	defer mon.Task()(&ctx)(&err)

	ident, err := identity.NewFullIdentity(ctx, identity.NewCAOptions{
		Difficulty:  9,
		Concurrency: 1,
	})
	if err != nil {
		return nil, err
	}

	if cfg == nil {
		cfg = &Config{}
	}
	cfg = cfg.clone()
	if err := cfg.setDefaults(ctx); err != nil {
		return nil, err
	}
	tlsConfig := tlsopts.Config{
		UsePeerCAWhitelist:  !cfg.Volatile.TLS.SkipPeerCAWhitelist,
		PeerCAWhitelistPath: cfg.Volatile.TLS.PeerCAWhitelistPath,
		PeerIDVersions:      "0",
	}

	tlsOptions, err := tlsopts.NewOptions(ident, tlsConfig, nil)
	if err != nil {
		return nil, err
	}

	dialer := rpc.NewDefaultDialer(tlsOptions)
	dialer.DialTimeout = cfg.Volatile.DialTimeout

	return &Uplink{
		ident:  ident,
		dialer: dialer,
		cfg:    cfg,
	}, nil
}

// TODO: move the project related OpenProject and Close to project.go

// OpenProject returns a Project handle with the given APIKey
func (u *Uplink) OpenProject(ctx context.Context, satelliteAddr string, apiKey APIKey) (p *Project, err error) {
	defer mon.Task()(&ctx)(&err)

	m, err := metainfo.Dial(ctx, u.dialer, satelliteAddr, apiKey.key, u.cfg.Volatile.UserAgent)
	if err != nil {
		return nil, err
	}

	project, err := kvmetainfo.SetupProject(m)
	if err != nil {
		return nil, err
	}

	return &Project{
		uplinkCfg: u.cfg,
		dialer:    u.dialer,
		metainfo:  m,
		project:   project,
	}, nil
}

// Close closes the Project. Opened buckets or objects must not be used after calling Close.
func (p *Project) Close() error {
	return p.metainfo.Close()
}

// Close closes the Uplink. Opened projects, buckets or objects must not be used after calling Close.
func (u *Uplink) Close() error {
	return nil
}