<?php

declare(strict_types=1);

namespace App\Framework\Process\Console;

use App\Framework\Console\ConsoleCommand;
use App\Framework\Console\ConsoleInput;
use App\Framework\Console\ExitCode;
use App\Framework\Process\Services\SslCertificateService;

/**
 * SSL Certificate Console Commands.
 */
final readonly class SslCommands
{
    public function __construct(
        private SslCertificateService $sslService
    ) {
    }

    #[ConsoleCommand('ssl:check', 'Check SSL certificate of a domain')]
    public function check(ConsoleInput $input): int
    {
        $domain = $input->getArgument('domain');

        if ($domain === null) {
            echo "❌ Please provide a domain to check.\n";
            echo "Usage: php console.php ssl:check <domain> [--port=443]\n";

            return ExitCode::FAILURE;
        }

        $port = (int) ($input->getOption('port') ?? 443);

        echo "Checking SSL certificate for: {$domain}:{$port}\n\n";

        $result = $this->sslService->checkCertificate($domain, $port);

        echo "┌─ SSL CERTIFICATE CHECK ──────────────────────────────────┐\n";
        echo "│ Domain:         {$result->hostname}\n";

        if ($result->isValid) {
            $cert = $result->certificateInfo;
            if ($cert !== null) {
                echo "│ Status:         ✅ Valid\n";
                echo "│ Subject:        {$cert->subject}\n";
                echo "│ Issuer:         {$cert->issuer}\n";
                echo "│ Valid From:     {$cert->validFrom->format('Y-m-d H:i:s')}\n";
                echo "│ Valid To:       {$cert->validTo->format('Y-m-d H:i:s')}\n";

                $daysUntilExpiry = $cert->getDaysUntilExpiry();
                echo "│ Days Until Expiry: {$daysUntilExpiry}\n";

                if ($cert->isExpiringSoon(30)) {
                    echo "│ ⚠️  WARNING: Certificate expires soon!\n";
                }

                if ($cert->isSelfSigned) {
                    echo "│ ⚠️  WARNING: Certificate is self-signed\n";
                }

                if (! empty($cert->subjectAltNames)) {
                    echo "│ Subject Alt Names:\n";
                    foreach ($cert->subjectAltNames as $san) {
                        echo "│   - {$san}\n";
                    }
                }

                if ($cert->serialNumber !== null) {
                    echo "│ Serial Number:  {$cert->serialNumber}\n";
                }

                if ($cert->signatureAlgorithm !== null) {
                    echo "│ Signature Alg:  {$cert->signatureAlgorithm}\n";
                }
            }
        } else {
            echo "│ Status:         ❌ Invalid\n";

            if (! empty($result->errors)) {
                echo "│ Errors:\n";
                foreach ($result->errors as $error) {
                    echo "│   - {$error}\n";
                }
            }
        }

        if ($result->hasWarnings()) {
            echo "│ Warnings:\n";
            foreach ($result->warnings as $warning) {
                echo "│   - {$warning}\n";
            }
        }

        echo "└─────────────────────────────────────────────────────────┘\n";

        return $result->isValid ? ExitCode::SUCCESS : ExitCode::FAILURE;
    }

    #[ConsoleCommand('ssl:verify', 'Detailed SSL certificate verification')]
    public function verify(ConsoleInput $input): int
    {
        $domain = $input->getArgument('domain');

        if ($domain === null) {
            echo "❌ Please provide a domain to verify.\n";
            echo "Usage: php console.php ssl:verify <domain> [--port=443]\n";

            return ExitCode::FAILURE;
        }

        $port = (int) ($input->getOption('port') ?? 443);

        echo "Verifying SSL certificate for: {$domain}:{$port}\n\n";

        $result = $this->sslService->checkCertificate($domain, $port);

        echo "╔════════════════════════════════════════════════════════════╗\n";
        echo "║              SSL CERTIFICATE VERIFICATION                  ║\n";
        echo "╚════════════════════════════════════════════════════════════╝\n\n";

        echo "┌─ VERIFICATION RESULTS ───────────────────────────────────┐\n";
        echo "│ Domain:         {$result->hostname}\n";
        echo "│ Port:            {$port}\n";

        $statusIcon = $result->isValid ? '✅' : '❌';
        echo "│ Overall Status:  {$statusIcon} " . ($result->isValid ? 'Valid' : 'Invalid') . "\n";
        echo "└─────────────────────────────────────────────────────────┘\n\n";

        if ($result->certificateInfo !== null) {
            $cert = $result->certificateInfo;

            echo "┌─ CERTIFICATE DETAILS ───────────────────────────────────┐\n";
            echo "│ Subject:        {$cert->subject}\n";
            echo "│ Issuer:         {$cert->issuer}\n";
            echo "│ Valid From:     {$cert->validFrom->format('Y-m-d H:i:s')}\n";
            echo "│ Valid To:       {$cert->validTo->format('Y-m-d H:i:s')}\n";
            echo "│ Days Until Expiry: {$cert->getDaysUntilExpiry()}\n";
            echo "│ Is Self-Signed: " . ($cert->isSelfSigned ? 'Yes' : 'No') . "\n";

            if ($cert->serialNumber !== null) {
                echo "│ Serial Number:  {$cert->serialNumber}\n";
            }

            if ($cert->signatureAlgorithm !== null) {
                echo "│ Signature Alg:  {$cert->signatureAlgorithm}\n";
            }

            if (! empty($cert->subjectAltNames)) {
                echo "│\n│ Subject Alternative Names:\n";
                foreach ($cert->subjectAltNames as $san) {
                    echo "│   - {$san}\n";
                }
            }

            echo "└─────────────────────────────────────────────────────────┘\n\n";

            // Validation checks
            echo "┌─ VALIDATION CHECKS ────────────────────────────────────┐\n";

            $checks = [
                'Certificate is valid' => $cert->isValid(),
                'Certificate is not expired' => ! $cert->isExpired(),
                'Certificate is not expiring soon (30 days)' => ! $cert->isExpiringSoon(30),
                'Certificate is not self-signed' => ! $cert->isSelfSigned,
            ];

            foreach ($checks as $check => $passed) {
                $icon = $passed ? '✅' : '❌';
                echo "│ {$icon} {$check}\n";
            }

            echo "└─────────────────────────────────────────────────────────┘\n";
        }

        if (! empty($result->errors)) {
            echo "\n┌─ ERRORS ───────────────────────────────────────────────┐\n";
            foreach ($result->errors as $error) {
                echo "│ ❌ {$error}\n";
            }
            echo "└─────────────────────────────────────────────────────────┘\n";
        }

        if ($result->hasWarnings()) {
            echo "\n┌─ WARNINGS ─────────────────────────────────────────────┐\n";
            foreach ($result->warnings as $warning) {
                echo "│ ⚠️  {$warning}\n";
            }
            echo "└─────────────────────────────────────────────────────────┘\n";
        }

        return $result->isValid && ! $result->hasWarnings() ? ExitCode::SUCCESS : ExitCode::WARNING;
    }

    #[ConsoleCommand('ssl:expiring', 'List domains with expiring certificates')]
    public function expiring(ConsoleInput $input): int
    {
        $domainsOption = $input->getOption('domains');
        $threshold = (int) ($input->getOption('threshold') ?? 30);

        if ($domainsOption === null) {
            echo "❌ Please provide domains to check.\n";
            echo "Usage: php console.php ssl:expiring --domains=example.com,google.com [--threshold=30]\n";

            return ExitCode::FAILURE;
        }

        $domains = array_map('trim', explode(',', $domainsOption));
        $domains = array_filter($domains);

        if (empty($domains)) {
            echo "❌ No valid domains provided.\n";

            return ExitCode::FAILURE;
        }

        echo "Checking {$threshold} days threshold for " . count($domains) . " domain(s)...\n\n";

        $results = $this->sslService->findExpiringCertificates($domains, $threshold);

        if (empty($results)) {
            echo "✅ No certificates expiring within {$threshold} days!\n";

            return ExitCode::SUCCESS;
        }

        echo "┌─ EXPIRING CERTIFICATES ───────────────────────────────────┐\n";
        echo "│ Found " . count($results) . " certificate(s) expiring within {$threshold} days:\n";
        echo "└─────────────────────────────────────────────────────────┘\n\n";

        foreach ($results as $result) {
            $cert = $result->certificateInfo;
            if ($cert === null) {
                continue;
            }

            $daysUntilExpiry = $cert->getDaysUntilExpiry();

            echo "┌─ {$result->hostname} ─────────────────────────────────────────────┐\n";
            echo "│ Days Until Expiry: {$daysUntilExpiry}\n";
            echo "│ Valid To:          {$cert->validTo->format('Y-m-d H:i:s')}\n";
            echo "│ Subject:           {$cert->subject}\n";
            echo "│ Issuer:            {$cert->issuer}\n";

            if (! empty($result->warnings)) {
                echo "│ Warnings:\n";
                foreach ($result->warnings as $warning) {
                    echo "│   - {$warning}\n";
                }
            }

            echo "└─────────────────────────────────────────────────────────┘\n\n";
        }

        return ExitCode::WARNING;
    }

    #[ConsoleCommand('ssl:info', 'Show detailed SSL certificate information')]
    public function info(ConsoleInput $input): int
    {
        $domain = $input->getArgument('domain');

        if ($domain === null) {
            echo "❌ Please provide a domain to check.\n";
            echo "Usage: php console.php ssl:info <domain> [--port=443]\n";

            return ExitCode::FAILURE;
        }

        $port = (int) ($input->getOption('port') ?? 443);

        echo "Retrieving SSL certificate information for: {$domain}:{$port}\n\n";

        $cert = $this->sslService->getCertificateInfo($domain, $port);

        if ($cert === null) {
            echo "❌ Could not retrieve certificate information for {$domain}:{$port}\n";

            return ExitCode::FAILURE;
        }

        echo "╔════════════════════════════════════════════════════════════╗\n";
        echo "║              SSL CERTIFICATE INFORMATION                   ║\n";
        echo "╚════════════════════════════════════════════════════════════╝\n\n";

        echo "┌─ CERTIFICATE INFORMATION ────────────────────────────────┐\n";
        echo "│ Subject:        {$cert->subject}\n";
        echo "│ Issuer:         {$cert->issuer}\n";
        echo "│ Valid From:     {$cert->validFrom->format('Y-m-d H:i:s')}\n";
        echo "│ Valid To:       {$cert->validTo->format('Y-m-d H:i:s')}\n";
        echo "│ Days Until Expiry: {$cert->getDaysUntilExpiry()}\n";
        echo "│ Is Self-Signed: " . ($cert->isSelfSigned ? 'Yes' : 'No') . "\n";

        if ($cert->serialNumber !== null) {
            echo "│ Serial Number:  {$cert->serialNumber}\n";
        }

        if ($cert->signatureAlgorithm !== null) {
            echo "│ Signature Alg:  {$cert->signatureAlgorithm}\n";
        }

        echo "└─────────────────────────────────────────────────────────┘\n\n";

        echo "┌─ VALIDITY STATUS ─────────────────────────────────────────┐\n";
        $validIcon = $cert->isValid() ? '✅' : '❌';
        echo "│ Is Valid:       {$validIcon} " . ($cert->isValid() ? 'Yes' : 'No') . "\n";

        $expiredIcon = $cert->isExpired() ? '❌' : '✅';
        echo "│ Is Expired:     {$expiredIcon} " . ($cert->isExpired() ? 'Yes' : 'No') . "\n";

        $expiringIcon = $cert->isExpiringSoon(30) ? '⚠️' : '✅';
        echo "│ Expiring Soon:  {$expiringIcon} " . ($cert->isExpiringSoon(30) ? 'Yes (within 30 days)' : 'No') . "\n";
        echo "└─────────────────────────────────────────────────────────┘\n\n";

        if (! empty($cert->subjectAltNames)) {
            echo "┌─ SUBJECT ALTERNATIVE NAMES ─────────────────────────────┐\n";
            foreach ($cert->subjectAltNames as $san) {
                echo "│ - {$san}\n";
            }
            echo "└─────────────────────────────────────────────────────────┘\n";
        }

        return ExitCode::SUCCESS;
    }
}