package jose

import "strings"

type JWT JWS

func ParseJWT(token string) (jwt JWT, err error) {
	jws, err := ParseJWS(token)
	if err != nil {
		return
	}

	return JWT(jws), nil
}

func NewJWT(header JOSEHeader, claims Claims) (jwt JWT, err error) {
	jwt = JWT{}

	jwt.Header = header
	jwt.Header[HeaderMediaType] = "JWT"

	claimBytes, err := marshalClaims(claims)
	if err != nil {
		return
	}
	jwt.Payload = claimBytes

	eh, err := encodeHeader(header)
	if err != nil {
		return
	}
	jwt.RawHeader = eh

	ec, err := encodeClaims(claims)
	if err != nil {
		return
	}
	jwt.RawPayload = ec

	return
}

func (j *JWT) KeyID() (string, bool) {
	kID, ok := j.Header[HeaderKeyID]
	return kID, ok
}

func (j *JWT) Claims() (Claims, error) {
	return decodeClaims(j.Payload)
}

// Encoded data part of the token which may be signed.
func (j *JWT) Data() string {
	return strings.Join([]string{j.RawHeader, j.RawPayload}, ".")
}

// Full encoded JWT token string in format: header.claims.signature
func (j *JWT) Encode() string {
	d := j.Data()
	s := encodeSegment(j.Signature)
	return strings.Join([]string{d, s}, ".")
}

func NewSignedJWT(claims Claims, s Signer) (*JWT, error) {
	header := JOSEHeader{
		HeaderKeyAlgorithm: s.Alg(),
		HeaderKeyID:        s.ID(),
	}

	jwt, err := NewJWT(header, claims)
	if err != nil {
		return nil, err
	}

	sig, err := s.Sign([]byte(jwt.Data()))
	if err != nil {
		return nil, err
	}
	jwt.Signature = sig

	return &jwt, nil
}