package auth

import (
	"context"
	"log"
	"tixe/config"

	"github.com/coreos/go-oidc/v3/oidc"
	"golang.org/x/oauth2"
)

func NewProviderAndConfig() (*oidc.Provider, oauth2.Config, error) {
	provider, err := oidc.NewProvider(context.Background(), "https://" + config.TixeConfig.OidcDomain)
	if err != nil {
		log.Printf("[tixe/auth] Failed to create new custom provider")
		return nil, oauth2.Config{}, err
	}

	config := oauth2.Config{
		ClientID: config.TixeConfig.OidcClientID,
		ClientSecret: config.TixeConfig.OidcSecret,
		RedirectURL: config.TixeConfig.Scheme + "://" + config.TixeConfig.Host + "/auth",
		Endpoint: provider.Endpoint(),
		Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
	}

	return provider, config, nil
}