package auth

import (
	"github.com/Nerzal/gocloak/v13/pkg/jwx"
	"github.com/golang-jwt/jwt/v4"
	"github.com/mitchellh/mapstructure"
)

type Claims struct {
	Acr            string             `mapstructure:"acr"`
	AllowedOrigins []string           `mapstructure:"allowed-origins"`
	Aud            string             `mapstructure:"aud"`
	Azp            string             `mapstructure:"azp"`
	EmailVerified  bool               `mapstructure:"email_verified"`
	ExpiresAr      int                `mapstructure:"exp"`
	IssuedAt       int                `mapstructure:"iat"`
	Issuer         string             `mapstructure:"iss"`
	Jti            string             `mapstructure:"jti"`
	Username       string             `mapstructure:"preferred_username"`
	RealmAccess    jwx.RealmAccess    `mapstructure:"realm_access"`
	ResourceAccess jwx.ResourceAccess `mapstructure:"resource_access"`
	Scope          string             `mapstructure:"scope"`
	SessionState   string             `mapstructure:"session_state"`
	Sid            string             `mapstructure:"sid"`
	Sub            string             `mapstructure:"sub"`
	Typ            string             `mapstructure:"typ"`
}

func DecodeClaims(t *jwt.Token) (*Claims, error) {
	r := Claims{}
	if err := mapstructure.Decode(t.Claims, &r); err != nil {
		return nil, err
	}

	return &r, nil
}