import { OIDCProvider } from '../src';
import type { OIDCProviderConfig } from '../src/types';

// Placeholder issuer shared by all three example configurations.
const EXAMPLE_ISSUER = 'https://your-auth-server.com';

/**
 * Builds the stub wiring every example config needs. A fresh set of objects
 * is returned on each call so the three providers never share state.
 *
 * None of these stubs is usable outside a demo:
 * - `storage` is an empty object cast to `any`; a real storage adapter
 *   belongs here.
 * - `findUser` / `findClient` / `passwordValidator` always resolve to null.
 *   NOTE(review): presumably null means "not found" / "credentials
 *   rejected" -- confirm against the provider implementation.
 */
const placeholderWiring = () => ({
  storage: {} as any,
  findUser: async (userId: string) => null,
  findClient: async (clientId: string) => null,
  authConfig: {
    passwordValidator: async (username: string, password: string) => null,
  },
});

// Example: RS256 with an automatically generated key pair.
// NOTE(review): this file does not show whether the generated pair is
// persisted. If it only lives in memory, tokens issued before a restart
// would stop verifying and parallel instances would publish different
// JWKS -- confirm before relying on auto-generation in production.
const configWithRS256: OIDCProviderConfig = {
  issuer: EXAMPLE_ISSUER,
  signingKey: 'temporary-key', // replaced by the auto-generated RSA key pair
  signingAlgorithm: 'RS256', // selects RSA signing
  ...placeholderWiring(),
};

// Example: ES256 with an automatically generated key pair
// (the persistence question noted for RS256 applies here as well).
const configWithES256: OIDCProviderConfig = {
  issuer: EXAMPLE_ISSUER,
  signingKey: 'temporary-key', // replaced by the auto-generated ECDSA key pair
  signingAlgorithm: 'ES256', // selects ECDSA signing
  ...placeholderWiring(),
};

// Example: HS256, where no key pair is generated.
// The string below is used directly as the HMAC key, so the literal is a
// placeholder only: a real deployment should load a randomly generated
// secret of at least 256 bits from a secret store, never from source.
// Every party that verifies an HS256 token holds the same secret and can
// therefore also sign tokens.
const configWithHS256: OIDCProviderConfig = {
  issuer: EXAMPLE_ISSUER,
  signingKey: 'your-secret-key', // for HMAC the string itself is the key
  signingAlgorithm: 'HS256',
  ...placeholderWiring(),
};

/**
 * Walks through the three signing setups in order (RS256, ES256, HS256):
 * creates a provider for each, fetches its JWKS and prints a short summary.
 *
 * For the asymmetric algorithms the first getJWKS() call triggers key-pair
 * generation, and the first key's type and algorithm are printed. For HS256
 * only the key count is printed, because the symmetric key is not exposed
 * through the JWKS.
 */
export async function demonstrateAutoKeyGeneration() {
  const scenarios = [
    {
      heading: '1. 创建使用RS256算法的Provider:',
      fetchNote: '获取JWKS (会自动生成RSA密钥对):',
      label: 'RSA',
      config: configWithRS256,
      showFirstKey: true,
    },
    {
      heading: '2. 创建使用ES256算法的Provider:',
      fetchNote: '获取JWKS (会自动生成ECDSA密钥对):',
      label: 'ECDSA',
      config: configWithES256,
      showFirstKey: true,
    },
    {
      heading: '3. 创建使用HS256算法的Provider:',
      fetchNote: '获取JWKS (HS256不暴露密钥):',
      label: 'HS256',
      config: configWithHS256,
      showFirstKey: false,
    },
  ];

  console.log('=== 自动密钥生成示例 ===\n');

  // Sequential on purpose: each provider is created and queried before the
  // next one starts, so the output appears in the numbered order.
  for (const scenario of scenarios) {
    console.log(scenario.heading);
    const provider = new OIDCProvider(scenario.config);

    console.log(scenario.fetchNote);
    const { keys } = await provider.getJWKS();
    console.log(`${scenario.label} JWKS keys数量:`, keys.length);

    if (scenario.showFirstKey) {
      // Optional chaining keeps the demo from throwing on an empty key set.
      const firstKey = keys[0];
      console.log(`${scenario.label} 密钥类型:`, firstKey?.kty);
      console.log(`${scenario.label} 算法:`, firstKey?.alg);
    }

    console.log('');
  }

  console.log('=== 示例完成 ===');
}

// Run the demo only when this file is executed directly.
// NOTE(review): `require.main === module` is a CommonJS check; it assumes
// the file is compiled to CommonJS -- confirm against the build settings.
if (require.main === module) {
  demonstrateAutoKeyGeneration().catch(console.error);
}