package jwtauth

import (
	"crypto/rand"
	"encoding/base64"
	"os"
)

func generateRandomBytes(n int) ([]byte, error) {
	b := make([]byte, n)
	_, err := rand.Read(b)
	if err != nil {
		return nil, err
	}
	return b, nil
}

func generateSecureToken(n int) (string, error) {
	bytes, err := generateRandomBytes(n)
	if err != nil {
		return "", err
	}
	return base64.URLEncoding.EncodeToString(bytes), nil
}

func getKeyVariableName() string {
	return "PLM_JWT_KEY"
}

func InitKey() error {
	var err error
	keyName := getKeyVariableName()
	key := os.Getenv(keyName)
	if key == "" {
		key, err = generateSecureToken(64)
		os.Setenv(keyName, key)
	}
	return err
}

func GetJwtKey() ([]byte, error) {
	return base64.URLEncoding.DecodeString(os.Getenv(getKeyVariableName()))
}