package secretstore

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"

	"gitea.lclr.dev/AI/mcp-framework/manifest"
)

type ManifestLoader func(startDir string) (manifest.File, string, error)

type ExecutableResolver func() (string, error)

type OpenFromManifestOptions struct {
	ServiceName        string
	LookupEnv          func(string) (string, bool)
	KWalletAppID       string
	KWalletFolder      string
	ManifestLoader     ManifestLoader
	ExecutableResolver ExecutableResolver
}

func OpenFromManifest(options OpenFromManifestOptions) (Store, error) {
	policy, err := resolveManifestBackendPolicy(options)
	if err != nil {
		return nil, err
	}

	return Open(Options{
		ServiceName:   options.ServiceName,
		BackendPolicy: policy,
		LookupEnv:     options.LookupEnv,
		KWalletAppID:  options.KWalletAppID,
		KWalletFolder: options.KWalletFolder,
	})
}

func resolveManifestBackendPolicy(options OpenFromManifestOptions) (BackendPolicy, error) {
	manifestLoader := options.ManifestLoader
	if manifestLoader == nil {
		manifestLoader = manifest.LoadDefault
	}

	executableResolver := options.ExecutableResolver
	if executableResolver == nil {
		executableResolver = os.Executable
	}

	executablePath, err := executableResolver()
	if err != nil {
		return "", fmt.Errorf("resolve executable path for manifest lookup: %w", err)
	}

	startDir := filepath.Dir(strings.TrimSpace(executablePath))
	if strings.TrimSpace(startDir) == "" {
		startDir = "."
	}

	file, manifestPath, err := manifestLoader(startDir)
	if err != nil {
		if errors.Is(err, os.ErrNotExist) {
			return BackendAuto, nil
		}
		return "", fmt.Errorf("load runtime manifest from %q: %w", startDir, err)
	}

	if strings.TrimSpace(file.SecretStore.BackendPolicy) == "" {
		return BackendAuto, nil
	}

	policy, err := normalizeBackendPolicy(BackendPolicy(file.SecretStore.BackendPolicy))
	if err != nil {
		return "", fmt.Errorf("invalid secret_store.backend_policy in manifest %q: %w", strings.TrimSpace(manifestPath), err)
	}

	return policy, nil
}