package authz

import (
	"context"
	"errors"

	auth "github.com/envoyproxy/go-control-plane/envoy/service/auth/v3"
	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
)

type CompositeCheckService struct {
	services []auth.AuthorizationServer
	auth.UnimplementedAuthorizationServer
}

func NewCheckService(services []auth.AuthorizationServer) auth.AuthorizationServer {
	return &CompositeCheckService{
		services: services,
	}
}

func (svc *CompositeCheckService) Check(ctx context.Context, request *auth.CheckRequest) (*auth.CheckResponse, error) {
	for _, client := range svc.services {
		response, err := client.Check(ctx, request)
		if err != nil {
			pls.LogError(ctx, err)
			continue
		}

		return response, err
	}

	return nil, errors.New("Unable to perform check")
}