package authz

import (
	"net/http"
	"strings"

	"github.com/lestrrat-go/jwx/v3/jwt"
	"github.com/xlgmokha/x/pkg/log"
)

func TokenFrom(r *http.Request) jwt.Token {
	authorization := r.Header.Get("Authorization")
	if authorization == "" || !strings.Contains(authorization, "Bearer") {
		return jwt.New()
	}

	token, err := jwt.ParseRequest(r,
		jwt.WithContext(r.Context()),
		jwt.WithHeaderKey("Authorization"),
		jwt.WithValidate(false), // TODO:: Connect this to a JSON Web Key Set
		jwt.WithVerify(false),   // TODO:: Connect this to a JSON Web Key Set
	)

	if err != nil {
		log.WithFields(r.Context(), log.Fields{"error": err})
		return jwt.New()
	}

	return token
}