from flask import Flask, request
from flask_restful import Api, Resource
from flask_jwt_extended import create_access_token, JWTManager
from flask_cors import CORS

app = Flask(__name__)
cors = CORS(
    app,
    resources={r"/api/*": {"origins": "*"}},
    expose_headers=["Content-Type", "Authorization", "X-Total-Count"],
)
api = Api(app, prefix='/api/v1.0')
jwt = JWTManager(app)

PEM_PRIVATE = '/opt/auth-server-poc/cert/private.pem'
PEM_PUBLIC = '/opt/auth-server-poc/cert/public.pem'

app.config['JWT_PRIVATE_KEY'] = open(PEM_PRIVATE).read()
app.config['JWT_PUBLIC_KEY'] = open(PEM_PUBLIC).read()
app.config['JWT_ALGORITHM'] = 'ES256'
app.config['JWT_IDENTITY_CLAIM'] = 'sub'
app.config['JWT_ACCESS_TOKEN_EXPIRES'] = False


class AuthApi(Resource):
    def post(self):
        additional_claims = {"type": "access", "domains": ["sunet.se"]}
        access_token = create_access_token(
            identity=request.environ.get('REMOTE_USER'),
            additional_claims=additional_claims,
        )
        return {'access_token': access_token}, 200


@app.route('/')
def index():
    return "<p>Username: {}</p><p>Auth type: {}</p>".format(
        request.environ.get('REMOTE_USER'), request.environ.get('AUTH_TYPE')
    )


api.add_resource(AuthApi, '/auth')