from twilio.jwt import Jwt


class TaskRouterCapabilityToken(Jwt):
    VERSION = 'v1'
    DOMAIN = 'https://taskrouter.twilio.com'
    EVENTS_BASE_URL = 'https://event-bridge.twilio.com/v1/wschannels'
    ALGORITHM = 'HS256'

    def __init__(self, account_sid, auth_token, workspace_sid, channel_id, **kwargs):
        """
        :param str account_sid: Twilio account sid
        :param str auth_token: Twilio auth token used to sign the JWT
        :param str workspace_sid: TaskRouter workspace sid
        :param str channel_id: TaskRouter channel sid
        :param kwargs:
            :param bool allow_web_sockets: shortcut to calling allow_web_sockets, defaults to True
            :param bool allow_fetch_self: shortcut to calling allow_fetch_self, defaults to True
            :param bool allow_update_self: shortcut to calling allow_update_self, defaults to False
            :param bool allow_delete_self: shortcut to calling allow_delete_self, defaults to False
            :param bool allow_fetch_subresources: shortcut to calling allow_fetch_subresources,
                                                  defaults to False
            :param bool allow_update_subresources: shortcut to calling allow_update_subresources,
                                                   defaults to False
            :param bool allow_delete_subresources: shortcut to calling allow_delete_subresources,
                                                   defaults to False
        :returns a new TaskRouterCapabilityToken with capabilities set depending on kwargs.
        """
        super(TaskRouterCapabilityToken, self).__init__(
            secret_key=auth_token,
            issuer=account_sid,
            algorithm=self.ALGORITHM,
            nbf=kwargs.get('nbf', Jwt.GENERATE),
            ttl=kwargs.get('ttl', 3600),
            valid_until=kwargs.get('valid_until', None),
        )

        self._validate_inputs(account_sid, workspace_sid, channel_id)

        self.account_sid = account_sid
        self.auth_token = auth_token
        self.workspace_sid = workspace_sid
        self.channel_id = channel_id
        self.policies = []

        if kwargs.get('allow_web_sockets', True):
            self.allow_web_sockets()
        if kwargs.get('allow_fetch_self', True):
            self.allow_fetch_self()
        if kwargs.get('allow_update_self', False):
            self.allow_update_self()
        if kwargs.get('allow_delete_self', False):
            self.allow_delete_self()
        if kwargs.get('allow_fetch_subresources', False):
            self.allow_fetch_subresources()
        if kwargs.get('allow_delete_subresources', False):
            self.allow_delete_subresources()
        if kwargs.get('allow_update_subresources', False):
            self.allow_update_subresources()

    @property
    def workspace_url(self):
        return '{}/{}/Workspaces/{}'.format(self.DOMAIN, self.VERSION, self.workspace_sid)

    @property
    def resource_url(self):
        raise NotImplementedError('Subclass must set its specific resource_url.')

    @property
    def channel_prefix(self):
        raise NotImplementedError('Subclass must set its specific channel_id sid prefix.')

    def allow_fetch_self(self):
        self._make_policy(self.resource_url, 'GET', True)

    def allow_update_self(self):
        self._make_policy(self.resource_url, 'POST', True)

    def allow_delete_self(self):
        self._make_policy(self.resource_url, 'DELETE', True)

    def allow_fetch_subresources(self):
        self._make_policy(self.resource_url + '/**', 'GET', True)

    def allow_update_subresources(self):
        self._make_policy(self.resource_url + '/**', 'POST', True)

    def allow_delete_subresources(self):
        self._make_policy(self.resource_url + '/**', 'DELETE', True)

    def allow_web_sockets(self, channel_id=None):
        channel_id = channel_id or self.channel_id
        web_socket_url = '{}/{}/{}'.format(self.EVENTS_BASE_URL, self.account_sid, channel_id)
        self._make_policy(web_socket_url, 'GET', True)
        self._make_policy(web_socket_url, 'POST', True)

    def _generate_payload(self):
        payload = {
            'account_sid': self.account_sid,
            'workspace_sid': self.workspace_sid,
            'channel': self.channel_id,
            'version': self.VERSION,
            'friendly_name': self.channel_id,
            'policies': self.policies,
        }

        if self.channel_id.startswith('WK'):
            payload['worker_sid'] = self.channel_id
        elif self.channel_id.startswith('WQ'):
            payload['taskqueue_sid'] = self.channel_id

        return payload

    def _make_policy(self, url, method, allowed, query_filter=None, post_filter=None):
        self.policies.append({
            'url': url,
            'method': method.upper(),
            'allow': allowed,
            'query_filter': query_filter or {},
            'post_filter': post_filter or {},
        })

    def _validate_inputs(self, account_sid, workspace_sid, channel_id):
        if not account_sid or not account_sid.startswith('AC'):
            raise ValueError('Invalid account sid provided {}'.format(account_sid))

        if not workspace_sid or not workspace_sid.startswith('WS'):
            raise ValueError('Invalid workspace sid provided {}'.format(workspace_sid))

        if not channel_id or not channel_id.startswith(self.channel_prefix):
            raise ValueError('Invalid channel id provided {}'.format(channel_id))

    def __str__(self):
        return '<TaskRouterCapabilityToken {}>'.format(self.to_jwt())