<?php

namespace App\Http\Middleware;

use Closure;
use App\Models\Usuario;
use Auth0\SDK\Exception\InvalidTokenException;
use Auth0\SDK\Helpers\JWKFetcher;
use Auth0\SDK\Helpers\Tokens\AsymmetricVerifier;
use Auth0\SDK\Helpers\Tokens\TokenVerifier;
use Illuminate\Support\Facades\Log;


class Auth0Middleware {

    /**
     * @throws InvalidTokenException
     */
    public function handle($request, Closure $next) {
        $token = $request->bearerToken();

        if (!$token) {
            return response()->json(['error' => 'no_token', 'message' => 'No se envío el token'], 401);
        }

        $validated = $this->validateToken($token);
        $user = Usuario::where('auth0_id', $validated['sub'])->first();

        $request = $request->merge(['user' => $user]);

        return $next($request);
    }

    /**
     * @throws InvalidTokenException
     */
    public function validateToken($token) {
        try {
            $jwksUri = env('AUTH0_DOMAIN') . '.well-known/jwks.json';
            $jwksFetcher = new JWKFetcher(null, ['base_uri' => $jwksUri]);
            $signatureVerifier = new AsymmetricVerifier($jwksFetcher);
            $tokenVerifier = new TokenVerifier(env('AUTH0_DOMAIN'), env('AUTH0_AUD'), $signatureVerifier);

            return $tokenVerifier->verify($token);
        } catch (InvalidTokenException $e) {
            throw $e;
        }
    }
}