# frozen_string_literal: true

module Utils

# Utilities for interacting with Auth0 generated by rockstart:auth0
module Auth0
  class << self
    # Generates a logout redirect url
    def logout_url(redirect_to:)
      domain = ENV.fetch("AUTH0_DOMAIN")
      client_id = ENV.fetch("AUTH0_CLIENT_ID")
      request_params = {
        returnTo: redirect_to,
        client_id: client_id
      }
      URI::HTTPS.build(host: domain, path: "/v2/logout", query: to_query(request_params))
    end

    # Remove all unused properties provided by OmniAuth
    def filter_userinfo(raw_userinfo)
      raw_userinfo.slice(:provider, :uid, :info, :extra).tap do |userinfo|
        # Include basic user information
        userinfo[:info] = userinfo.fetch(:info, {}).slice(:name, :nickname, :image)

        # Include custom roles array provided by auth0
        userinfo[:extra] = userinfo.fetch(:extra, {}).slice(:raw_info)
        raw_info = userinfo[:extra].fetch(:raw_info, {})
        userinfo[:extra][:raw_info] = raw_info.slice("http://<%= app_name %>/roles")
      end.deep_stringify_keys
    end

    private

    def to_query(hash)
      hash.map { |k, v| "#{k}=#{CGI.escape(v)}" unless v.nil? }.reject(&:nil?).join("&")
    end
  end
end

end