# Copyright (c) 2015 Huawei, Tech. Co,. Ltd.
# Copyright (c) 2024 Wind River Systems, Inc.
# All Rights Reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

import pecan

from keystonemiddleware import auth_token
from oslo_config import cfg
from oslo_middleware import request_id
from oslo_service import service
from oslo_service import wsgi

from dcorch.common import context as ctx
from dcorch.common.i18n import _


def setup_app(*args, **kwargs):

    opts = cfg.CONF.pecan
    config = {
        "server": {"port": cfg.CONF.bind_port, "host": cfg.CONF.bind_host},
        "app": {
            "root": "dcorch.api.controllers.root.RootController",
            "modules": ["dcorch.api"],
            "debug": opts.debug,
            "auth_enable": opts.auth_enable,
            "errors": {400: "/error", "__force_dict__": True},
        },
    }

    pecan_config = pecan.configuration.conf_from_dict(config)

    # app_hooks = [], hook collection will be put here later

    app = pecan.make_app(
        pecan_config.app.root,
        debug=False,
        wrap_app=_wrap_app,
        force_canonical=False,
        hooks=lambda: [ctx.AuthHook()],
        guess_content_type_from_ext=True,
    )

    return app


def load_paste_app(app_name=None):
    """Loads a WSGI app from a paste config file."""
    if app_name is None:
        app_name = cfg.CONF.prog

    loader = wsgi.Loader(cfg.CONF)
    app = loader.load_app(app_name)
    return app


def _wrap_app(app):
    app = request_id.RequestId(app)
    if cfg.CONF.pecan.auth_enable and cfg.CONF.auth_strategy == "keystone":
        conf = dict(cfg.CONF.keystone_authtoken)
        # Change auth decisions of requests to the app itself.
        conf.update({"delay_auth_decision": True})

        # NOTE: Policy enforcement works only if Keystone
        # authentication is enabled. No support for other authentication
        # types at this point.
        return auth_token.AuthProtocol(app, conf)
    else:
        return app


_launcher = None


def serve(api_service, conf, workers=1):
    global _launcher
    if _launcher:
        raise RuntimeError(_("serve() can only be called once"))

    _launcher = service.launch(conf, api_service, workers=workers)


def wait():
    _launcher.wait()