import { Controller, Get, Headers, HttpException, Logger } from '@nestjs/common';
import { WorklistService } from './worklist.service';

@Controller('api/worklist')
export class WorklistController {
    private readonly logger = new Logger(WorklistController.name);

    constructor(private readonly worklist: WorklistService) {}

    @Get()
    async getWorklist(@Headers('authorization') authHeader: string) {
        if (!authHeader) {
            throw new HttpException('Authorization required', 401);
        }

        // Decode the JWT to extract the agent name
        // The platform JWT payload contains user info — we extract the name
        const agentName = this.extractAgentName(authHeader);
        if (!agentName) {
            throw new HttpException('Could not determine agent identity from token', 400);
        }

        this.logger.log(`Fetching worklist for agent: ${agentName}`);

        return this.worklist.getWorklist(agentName, authHeader);
    }

    private extractAgentName(authHeader: string): string | null {
        try {
            const token = authHeader.replace(/^Bearer\s+/i, '');
            // JWT payload is the second segment, base64url-encoded
            const payload = JSON.parse(
                Buffer.from(token.split('.')[1], 'base64url').toString('utf8'),
            );
            // The platform JWT includes sub (userId) and workspace info
            // The agent name comes from firstName + lastName in the token
            const firstName = payload.firstName ?? payload.given_name ?? '';
            const lastName = payload.lastName ?? payload.family_name ?? '';
            const fullName = `${firstName} ${lastName}`.trim();
            return fullName || payload.email || payload.sub || null;
        } catch {
            return null;
        }
    }
}