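import { cookies } from "next/headers";
import { NextRequest, NextResponse } from "next/server";

/** Fields this handler reads from Stripe's OAuth token response. */
type StripeOAuthResponse = {
  access_token: string;
  refresh_token: string;
  stripe_user_id: string;
  scope: string;
};

/** Minimum a token response must carry before it is treated as a success. */
type StripeCredentials = Pick<StripeOAuthResponse, "stripe_user_id" | "access_token"> &
  Partial<StripeOAuthResponse>;

/** Runtime check on the token response; the JSON body is untyped until verified. */
function hasStripeCredentials(value: unknown): value is StripeCredentials {
  if (typeof value !== "object" || value === null) return false;
  const record = value as Record<string, unknown>;
  return typeof record.stripe_user_id === "string" && typeof record.access_token === "string";
}

/** Builds the redirect used for every token-exchange failure path. */
function tokenExchangeFailed(): NextResponse {
  return NextResponse.redirect(
    new URL("/connect/stripe?error=token_exchange_failed", process.env.NEXT_PUBLIC_BASE_URL)
  );
}

/**
 * Stripe Connect OAuth callback.
 *
 * Reads `code` / `error` from the query string, exchanges the code at
 * Stripe's token endpoint and redirects to the success or error page.
 * Tokens are not persisted yet (see the TODO below).
 *
 * @param req Incoming callback request; its query string is untrusted input.
 * @returns A redirect to the login, error or success page, or a 400 JSON body
 *          when no `code` is present.
 */
export async function GET(req: NextRequest) {
  const cookieStore = await cookies();
  const session = cookieStore.get("session");

  // NOTE(review): this only checks that a "session" cookie is present; its
  // value is never verified here. Confirm validation happens elsewhere, or
  // verify the session before tokens are bound to a user.
  if (!session) {
    return NextResponse.redirect(new URL("/login", process.env.NEXT_PUBLIC_BASE_URL));
  }

  const { searchParams } = new URL(req.url);
  const code = searchParams.get("code");
  const error = searchParams.get("error");

  // NOTE(review): the OAuth `state` parameter is not checked. Without a
  // per-session state value compared here, a callback URL carrying another
  // party's code can be accepted in this user's session. The authorize step
  // is outside this file, so the check is flagged rather than implemented.

  if (error) {
    // `error` comes straight from the query string: drop non-printable
    // characters and cap the length so it cannot forge or flood log lines.
    const safeError = error.replace(/[^\x20-\x7e]/g, " ").slice(0, 200);
    console.error("Stripe OAuth error:", safeError);
    return NextResponse.redirect(
      new URL("/connect/stripe?error=oauth_failed", process.env.NEXT_PUBLIC_BASE_URL)
    );
  }

  if (!code) {
    return NextResponse.json({ error: "Missing OAuth code" }, { status: 400 });
  }

  // Fail closed instead of sending the literal string "undefined" as the secret.
  const clientSecret = process.env.STRIPE_SECRET_KEY;
  if (!clientSecret) {
    console.error("Stripe token exchange skipped: STRIPE_SECRET_KEY is not set");
    return tokenExchangeFailed();
  }

  // Exchange code for access token
  let tokenRes: Response;
  try {
    tokenRes = await fetch("https://connect.stripe.com/oauth/token", {
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded",
      },
      body: new URLSearchParams({
        grant_type: "authorization_code",
        code,
        client_secret: clientSecret,
      }),
    });
  } catch (err: unknown) {
    // Network-level failure: report it like any other failed exchange.
    console.error(
      "Stripe token exchange request failed:",
      err instanceof Error ? err.message : "unknown error"
    );
    return tokenExchangeFailed();
  }

  if (!tokenRes.ok) {
    const text = await tokenRes.text();
    // Bounded so an unexpected body cannot flood the log.
    console.error("Stripe token exchange failed:", tokenRes.status, text.slice(0, 500));
    return tokenExchangeFailed();
  }

  let payload: unknown;
  try {
    payload = await tokenRes.json();
  } catch {
    payload = null;
  }

  if (!hasStripeCredentials(payload)) {
    console.error("Stripe token exchange returned an unexpected response shape");
    return tokenExchangeFailed();
  }
  const data = payload;

  /**
   * TODO (NEXT STEP):
   * - Encrypt tokens
   * - Persist to DB against the current user
   *
   * Required fields:
   * - data.stripe_user_id (acct_...)
   * - data.access_token
   * - data.refresh_token
   * - mode: "test"
   */

  // Log presence flags only; no part of a token is written to logs.
  console.log("Stripe OAuth success", {
    stripe_account_id: data.stripe_user_id,
    scope: data.scope,
    has_access_token: Boolean(data.access_token),
    has_refresh_token: Boolean(data.refresh_token),
  });

  // MVP success redirect. APP_URL is kept as the primary base; fall back to
  // the base used by every other redirect so an unset APP_URL does not throw.
  return NextResponse.redirect(
    new URL("/connect/stripe/success", process.env.APP_URL ?? process.env.NEXT_PUBLIC_BASE_URL)
  );
}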