import request from '@/config/axios'
import axios from 'axios'
import { config } from '@/config/axios/config'

export interface OAuth2TokenVO {
  id: number
  access_token: string
  refresh_token: string
  user_id: number
  user_type: number
  client_id: string
  create_time: Date
  expires_in: number // 过期时间（秒）
  token_type: string
}

/** OAuth2 token 请求参数 */
export interface OAuth2TokenReqVO {
  grant_type: string
  username: string
  password: string
  scope?: string
  client_id?: string
  client_secret?: string
}

// 查询 token列表
export const getAccessTokenPage = (params: PageParam) => {
  return request.get({ url: '/system/oauth2-token/page', params })
}

// 删除 token
export const deleteAccessToken = (accessToken: string) => {
  return request.delete({ url: '/system/oauth2-token/delete?accessToken=' + accessToken })
}

/**
 * 获取OAuth2访问令牌
 * 使用密码模式获取token，需要Basic认证
 * @param params token请求参数
 * @param tenantId 租户ID
 * @param clientId 客户端ID（可选，默认使用配置的clientId）
 * @param clientSecret 客户端密钥（可选）
 */
export const createAccessToken = async (
  params: OAuth2TokenReqVO,
  tenantId: string | number,
  clientId?: string,
  clientSecret?: string
): Promise<OAuth2TokenVO> => {
  const { base_url } = config

  // 构建Basic认证头
  const authHeader = btoa(`${clientId || 'android-app'}:${clientSecret || 'android-secret-key-2024'}`)

  // 发送请求
  const response = await axios.post(
    `${base_url}/system/oauth2/token`,
    new URLSearchParams({
      grant_type: params.grant_type,
      username: params.username,
      password: params.password,
      scope: params.scope || 'prison:ai-dash-entry:query'
    }),
    {
      headers: {
        Authorization: `Basic ${authHeader}`,
        'Tenant-ID': String(tenantId),
        'Content-Type': 'application/x-www-form-urlencoded'
      }
    }
  )

  return response.data.data
}