package main

import (
	"flag"
	"fmt"
	"os"
	"sound-force/sign-doc/go/apisign"
	"strings"
)

func main() {
	var accessKeyId string
	var secretKey string
	var apiBaseURL string
	var algorithmStr string
	var params []string

	flag.StringVar(&accessKeyId, "k", os.Getenv("ACCESS_KEY_ID"), "访问密钥ID")
	flag.StringVar(&secretKey, "s", os.Getenv("SECRET_KEY"), "密钥")
	flag.StringVar(&apiBaseURL, "u", os.Getenv("API_BASE_URL"), "API基础URL")
	flag.StringVar(&algorithmStr, "a", os.Getenv("SIGN_ALGORITHM"), "签名算法")
	flag.Func("p", "请求参数 (格式: key=value)", func(s string) error {
		params = append(params, s)
		return nil
	})
	flag.Parse()

	if accessKeyId == "" {
		accessKeyId = "test-access-key-id"
	}
	if secretKey == "" {
		secretKey = "test-secret-key"
	}
	if apiBaseURL == "" {
		apiBaseURL = "https://api.example.com/v1"
	}
	if algorithmStr == "" {
		algorithmStr = "MD5"
	}

	algorithm, err := apisign.ParseAlgorithm(algorithmStr)
	if err != nil {
		fmt.Printf("Warning: %v, using MD5 as default\n", err)
		algorithm = apisign.MD5
	}

	options := apisign.NewDefaultSignOptions()
	options.Algorithm = algorithm
	// 将签名参数名从默认的"signature"改为"sign"
	options.SignatureName = "sign"

	signer := apisign.NewAPISigner(options)

	requestParams := make(map[string]string)
	if len(params) > 0 {
		for _, p := range params {
			parts := strings.SplitN(p, "=", 2)
			if len(parts) == 2 {
				requestParams[parts[0]] = parts[1]
			}
		}
	} else {
		requestParams = map[string]string{
			"userId": "12345",
			"action": "getData",
			"data":   "测试数据",
		}
	}

	fmt.Println("===================== API签名示例 =====================")
	fmt.Printf("AccessKeyId: %s\n", accessKeyId)
	fmt.Printf("SecretKey: %s\n", secretKey)
	fmt.Printf("签名算法: %s\n", algorithm.String())
	fmt.Printf("基础URL: %s\n", apiBaseURL)
	fmt.Println("请求参数:", requestParams)

	channelId := getEnv("CHANNEL_ID", "test-channel-id")
	if val, ok := requestParams["channelId"]; ok {
		channelId = val
	}

	signedParams := signer.SignRequest(requestParams, accessKeyId, secretKey, channelId)
	fmt.Println("\n签名后的参数:")
	for k, v := range signedParams {
		fmt.Printf("  %s: %s\n", k, v)
	}

	signedURL := signer.SignURL(apiBaseURL, requestParams, accessKeyId, secretKey, channelId)
	fmt.Println("\n签名后的URL:")
	fmt.Println(signedURL)

	valid, err := signer.VerifySignature(signedParams, secretKey, 300000)
	fmt.Println("\n签名验证结果:")
	if err != nil {
		fmt.Printf("  验证失败: %v\n", err)
	} else if valid {
		fmt.Println("  验证成功")
	} else {
		fmt.Println("  验证失败: 签名不匹配")
	}

	fmt.Println("\n不同算法的签名结果:")
	demonstrateAlgorithms(requestParams, accessKeyId, secretKey)
}

// getEnv 获取环境变量，如果不存在则返回默认值
func getEnv(key, defaultValue string) string {
	value := os.Getenv(key)
	if value == "" {
		return defaultValue
	}
	return value
}

// demonstrateAlgorithms 演示不同算法的签名结果
func demonstrateAlgorithms(params map[string]string, accessKeyId, secretKey string) {
	algorithms := []apisign.SignatureAlgorithm{
		apisign.MD5,
		apisign.SHA1,
		apisign.SHA256,
		apisign.HMACSHA256,
	}

	keys := make([]string, 0, len(params))
	for k := range params {
		keys = append(keys, k)
	}
	strings.Join(keys, "&")

	for _, alg := range algorithms {
		options := apisign.NewDefaultSignOptions()
		options.Algorithm = alg
		options.SignatureName = "sign"
		signer := apisign.NewAPISigner(options)

		signature := signer.CalculateSignature(params, secretKey)
		fmt.Printf("  %s: %s\n", alg.String(), signature)
	}
}