import { NextRequest, NextResponse } from 'next/server';
import { createHash } from 'crypto';

import { db } from '@/lib/db';
import { verifyDocumensoSecret } from '@/lib/services/documenso-webhook';
import {
  handleRecipientSigned,
  handleDocumentCompleted,
  handleDocumentExpired,
  handleDocumentOpened,
  handleDocumentRejected,
  handleDocumentCancelled,
} from '@/lib/services/documents.service';
import { env } from '@/lib/env';
import { logger } from '@/lib/logger';

// BR-024: Dedup via signatureHash unique index on documentEvents
// Always return 200 from webhook (webhook best practice)

// Documenso emits Prisma enum names on the wire (e.g. "DOCUMENT_SIGNED").
// The UI displays them as lowercase-dotted ("document.signed") but the JSON
// body uses the enum value as-is. Normalize both forms in case 2.x ever flips.
function canonicalizeEvent(event: string): string {
  return event.toUpperCase().replace(/\./g, '_');
}

type DocumensoRecipient = {
  email: string;
  signingStatus?: string;
  readStatus?: string;
  signedAt?: string | null;
};

type DocumensoWebhookBody = {
  event: string;
  payload: {
    id: number | string;
    recipients?: DocumensoRecipient[];
  };
};

export async function POST(req: NextRequest): Promise<NextResponse> {
  let rawBody: string;

  try {
    rawBody = await req.text();
  } catch {
    return NextResponse.json({ ok: false }, { status: 200 });
  }

  // Documenso v1.13 + 2.x send the secret in plaintext via X-Documenso-Secret.
  const providedSecret = req.headers.get('x-documenso-secret') ?? '';

  if (!verifyDocumensoSecret(providedSecret, env.DOCUMENSO_WEBHOOK_SECRET)) {
    logger.warn({ providedLen: providedSecret.length }, 'Invalid Documenso webhook secret');
    return NextResponse.json({ ok: false, error: 'Invalid secret' }, { status: 200 });
  }

  // Compute deduplication hash
  const signatureHash = createHash('sha256').update(rawBody).digest('hex');

  let parsed: DocumensoWebhookBody;

  try {
    parsed = JSON.parse(rawBody) as DocumensoWebhookBody;
  } catch {
    logger.warn('Failed to parse Documenso webhook payload');
    return NextResponse.json({ ok: false }, { status: 200 });
  }

  // Replay guard: if any event with this hash already exists, skip.
  try {
    const existing = await db.query.documentEvents.findFirst({
      where: (de, { eq }) => eq(de.signatureHash, signatureHash),
    });

    if (existing) {
      logger.info({ signatureHash }, 'Duplicate Documenso webhook — skipping');
      return NextResponse.json({ ok: true }, { status: 200 });
    }
  } catch (err) {
    logger.error({ err }, 'Failed to check duplicate webhook');
  }

  const event = canonicalizeEvent(parsed.event);
  const documensoId = String(parsed.payload?.id ?? '');
  const recipients = parsed.payload?.recipients ?? [];

  if (!documensoId) {
    logger.warn({ event }, 'Documenso webhook missing payload.id');
    return NextResponse.json({ ok: true }, { status: 200 });
  }

  try {
    switch (event) {
      case 'DOCUMENT_SIGNED':
      case 'DOCUMENT_RECIPIENT_COMPLETED': {
        // v1.13 fires DOCUMENT_SIGNED per recipient sign;
        // 2.x fires DOCUMENT_RECIPIENT_COMPLETED for the same semantics.
        const signedRecipients = recipients.filter(
          (r) => r.signingStatus === 'SIGNED' || Boolean(r.signedAt),
        );
        for (const r of signedRecipients) {
          await handleRecipientSigned({
            documentId: documensoId,
            recipientEmail: r.email,
            signatureHash: `${signatureHash}:signed:${r.email}`,
          });
        }
        break;
      }

      case 'DOCUMENT_OPENED': {
        const openedRecipients = recipients.filter((r) => r.readStatus === 'OPENED');
        for (const r of openedRecipients) {
          await handleDocumentOpened({
            documentId: documensoId,
            recipientEmail: r.email,
            signatureHash: `${signatureHash}:opened:${r.email}`,
          });
        }
        break;
      }

      case 'DOCUMENT_COMPLETED':
        await handleDocumentCompleted({ documentId: documensoId });
        break;

      case 'DOCUMENT_REJECTED': {
        const rejecting = recipients.find((r) => r.signingStatus === 'REJECTED');
        await handleDocumentRejected({
          documentId: documensoId,
          recipientEmail: rejecting?.email,
          signatureHash,
        });
        break;
      }

      case 'DOCUMENT_CANCELLED':
        await handleDocumentCancelled({ documentId: documensoId, signatureHash });
        break;

      case 'DOCUMENT_EXPIRED':
        await handleDocumentExpired({ documentId: documensoId });
        break;

      default:
        logger.info({ event }, 'Unhandled Documenso webhook event type');
    }
  } catch (err) {
    logger.error({ err, event }, 'Error processing Documenso webhook');
  }

  return NextResponse.json({ ok: true }, { status: 200 });
}