using Microsoft.AspNetCore.DataProtection;
using OED.Api.Core.Interfaces.Services;
using OED.Api.Endpoints;
using OED.Api.Infrastructure.Auth;
using OED.Api.Infrastructure.Esi;
using StackExchange.Redis;

var builder = WebApplication.CreateBuilder(args);

// Redis
builder.Services.AddSingleton<IConnectionMultiplexer>(
    ConnectionMultiplexer.Connect(builder.Configuration.GetConnectionString("Redis")!)
);

// Data Protection — handles encryption key management automatically
// Keys are stored in the local file system by default in dev
// In production point this at a shared volume or Azure Key Vault
builder.Services.AddDataProtection()
    .SetApplicationName("OED.Api");

// Auth & session
builder.Services.AddSingleton<EveJwtValidator>();
builder.Services.AddScoped<ISessionService, SessionService>();
builder.Services.AddScoped<ITokenStore, TokenStore>();
builder.Services.AddScoped<IStateStore, StateStore>();
builder.Services.AddScoped<ITokenEncryptor, TokenEncryptor>();
builder.Services.AddScoped<IEsiTokenRefreshService, EsiTokenRefreshService>();
builder.Services.AddTransient<EsiAuthHandler>();
builder.Services.AddHttpContextAccessor();
builder.Services.AddHttpClient();

// CORS
builder.Services.AddCors(options =>
{
    options.AddPolicy("Frontend", policy =>
        policy
            .WithOrigins(builder.Configuration["Frontend:Url"]!)
            .AllowAnyHeader()
            .AllowAnyMethod()
            .AllowCredentials()
    );
});

var app = builder.Build();

app.UseCors("Frontend");
app.UseMiddleware<SessionMiddleware>();

app.MapAuthEndpoints();

app.Run();