const express = require('express');
const session = require('express-session');
const passport = require('passport');
const { OIDCStrategy } = require('passport-azure-ad');

const app = express();

// Session setup
app.use(
  session({
    secret: 'your-secret',
    resave: false,
    saveUninitialized: true,
  })
);

// Azure AD OIDC Strategy
passport.use(
  new OIDCStrategy(
    {
      identityMetadata: `https://login.microsoftonline.com/538b9b1c-23fa-4102-b36e-a4d83fc9c4c1/v2.0/.well-known/openid-configuration`,
      clientID: '3cdfac60-e7fb-4648-89d3-67966c497d35',
      responseType: 'code',
      responseMode: 'query',
      redirectUrl: 'http://localhost:3000/auth/callback',
      clientSecret: '5Gi8Q~_pmDtvN3.Jwqt85kiI.uiyAAC7Z.4iFayY',
      allowHttpForRedirectUrl: true,
    },
    (issuer, sub, profile, accessToken, refreshToken, done) => {
      // Save the user profile and tokens
      return done(null, { profile, accessToken, refreshToken });
    }
  )
);

// Passport serialization
passport.serializeUser((user, done) => done(null, user));
passport.deserializeUser((user, done) => done(null, user));

// Initialize Passport
app.use(passport.initialize());
app.use(passport.session());

// Authentication routes
app.get('/auth', passport.authenticate('azuread-openidconnect'));

app.get(
  '/auth/callback',
  passport.authenticate('azuread-openidconnect', { failureRedirect: '/' }),
  (req, res) => {
    res.send("Success");
  }
);

// Logout route
app.get('/logout', (req, res) => {
  req.logout(() => {
    res.redirect('/');
  });
});

// Start server
const port = process.env.PORT || 3000;
app.listen(port, () => console.log(`Server running on http://localhost:${port}`));