```typescript
import type { SDK, DefineAPI } from "caido:plugin";
import type { Request, Response } from "caido:utils";
// import { ImplicitGrantController } from "./controller/implictGrant";
// import { AuthZCodeGrantController } from "./controller/authZCodeGrant";
import { CsrfCheck } from "./controller/csrfCheck";
import { PKCECheck } from "./controller/PKCECheck";
import { AccessTokenLeakController } from "./controller/accessTokenDetector";
import { ScopeDetection } from "./controller/scopeDetection";
import { NonceCheckController } from "./controller/nonceCheck";

export type API = DefineAPI<{}>;

// One instance of each check; all of them are stateless per request/response pair.
const csrfCheck = new CsrfCheck();
// const implicitGrantController = new ImplicitGrantController();
// const authZCodeGrantController = new AuthZCodeGrantController();
const pkceCheckController = new PKCECheck();
const tokenCheck = new AccessTokenLeakController();
const ScopeDetectionController = new ScopeDetection();
const nonceCheckController = new NonceCheckController();

export function init(sdk: SDK) {
  // Request-side check: PKCE parameters are visible on the authorization
  // request itself, so it does not need to wait for the response.
  sdk.events.onInterceptRequest(async (sdk, req: Request) => {
    await pkceCheckController.test(sdk, req);
  });

  // Response-side checks: these need the request and the response together
  // (state/CSRF binding, token leakage in either direction, scope, OIDC nonce).
  sdk.events.onInterceptResponse(async (sdk, req: Request, res: Response) => {
    await csrfCheck.checker(sdk, req, res);
    await tokenCheck.testReq(sdk, req);
    await tokenCheck.testResp(sdk, res, req);
    await ScopeDetectionController.scan(sdk, req.getUrl());

    if (NonceCheckController.isOidcFlow(req, res)) {
      await sdk.findings.create({
        title: "OIDC Flow Detected",
        description: "The request appears to be part of an OIDC flow.",
        request: req,
        reporter: "",
      });
    }
  });

  /* Earlier grant-type detection, kept for reference:
  sdk.events.onInterceptRequest(async (sdk, req: Request) => {
    const result =
      authZCodeGrantController.testReq(req) ||
      implicitGrantController.testReq(req);
    if (result) {
      await pkceCheckController.test(sdk, req);
      await sdk.findings.create({
        title: "Possible SSO Request Detected",
        description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
        request: req,
        reporter: "",
      });
    }
  });
  */
}
```
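The controllers wired up above live in separate files. As an added, standalone example (not the plugin's own code, and independent of the Caido SDK), the following classifier applies the same kinds of checks to an authorization request URL: implicit grant, missing `state`, missing or plain PKCE, and missing OIDC `nonce`. The finding names and thresholds are this example's own assumptions, not the plugin's.

```typescript
// Added example: audit an OAuth 2.0 / OIDC authorization request URL.
// Runs on any URL string, so it can be exercised without a proxy in the loop.

export type AuthzFinding =
  | "implicit_grant"    // response_type includes token/id_token (tokens in the fragment)
  | "missing_state"     // no CSRF binding between request and callback
  | "missing_pkce"      // code flow without code_challenge
  | "weak_pkce_method"  // code_challenge_method absent (defaults to plain) or "plain"
  | "missing_nonce";    // OIDC request without nonce (required for implicit/hybrid)

// Heuristic for "this is an authorization request": the three parameters every
// front-channel authorization request carries (assumption of this example).
export function isAuthorizationRequest(url: URL): boolean {
  const p = url.searchParams;
  return p.has("response_type") && p.has("client_id") && p.has("redirect_uri");
}

export function auditAuthorizationRequest(rawUrl: string): AuthzFinding[] {
  const findings: AuthzFinding[] = [];
  const url = new URL(rawUrl);
  if (!isAuthorizationRequest(url)) return findings;

  const p = url.searchParams;
  // URLSearchParams already turns "+" into a space, so split on whitespace only.
  const responseTypes = (p.get("response_type") ?? "").split(/\s+/);
  const scopes = (p.get("scope") ?? "").split(/\s+/);
  const isOidc = scopes.includes("openid");

  if (responseTypes.includes("token") || responseTypes.includes("id_token")) {
    findings.push("implicit_grant");
  }
  if (!p.get("state")) findings.push("missing_state");

  if (responseTypes.includes("code")) {
    if (!p.has("code_challenge")) {
      findings.push("missing_pkce");
    } else {
      // RFC 7636: an absent code_challenge_method means "plain".
      const method = p.get("code_challenge_method") ?? "plain";
      if (method === "plain") findings.push("weak_pkce_method");
    }
  }
  if (isOidc && !p.get("nonce")) findings.push("missing_nonce");
  return findings;
}
```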