using System.Security.Claims;

namespace Connected.Security.Identity
{
	public class UserIdentity : ClaimsIdentity
	{
		private bool _isAuthenticated = true;
		private List<Claim> _claims = null;

		public UserIdentity(IUser user) : this(user, null)
		{
		}

		public UserIdentity(IUser user, string jwToken)
		{
			User = user;
			Token = jwToken;
			//Name = user.AuthenticationToken;
		}

		public override string AuthenticationType => "Tom PIT";
		public override bool IsAuthenticated { get { return _isAuthenticated; } }
		public override string Name { get; }
		public string Token { get; }

		public IUser User { get; }

		public static UserIdentity NotAuthenticated()
		{
			return new UserIdentity(null, null)
			{
				_isAuthenticated = false
			};
		}

		public override IEnumerable<Claim> Claims => _claims ??= CreateClaims();

		private List<Claim> CreateClaims()
		{
			//TODO: resolve claims
			//using var ctx = Context.Create();
			//var svc = ctx.GetService<IAuthorizationService>();

			//var isAdmin = User is not null && svc.IsInRole(User.Id, Role.FullControl);


			return new List<Claim>();
		}
	}
}