# SPDX-FileCopyrightText: 2024 UniWorX Systems
# SPDX-FileContributor: David Mosbach <david.mosbach@uniworx.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later

{
  description = "Insecure mock server for OAuth2";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs";
  };

  outputs = { self, nixpkgs }:
    let
      system = "x86_64-linux";
      name = "oauth2-mock-server";
      pkgs = import nixpkgs { inherit system; };
      stackWrapper = pkgs.symlinkJoin {
        name = "stack";
        paths = [ pkgs.stack ];
        buildInputs = with pkgs; [ makeWrapper ];
        postBuild = ''
          wrapProgram $out/bin/stack \
            --add-flags "--no-install-ghc"
        '';
      };
      buildInputs = [ stackWrapper ] ++ (
        with pkgs; [ reuse zlib postgresql_16 ] ++ (
          with haskell.packages."ghc927"; [ ghc haskell-language-server ]
        )
      );
      libPath = pkgs.lib.makeLibraryPath buildInputs;
      oms = pkgs.stdenv.mkDerivation {
        inherit buildInputs;
        inherit name;
        pname = name;
        src = ./.;
        # dontUnpack = true;
        buildPhase = ''
          HOME=$out
          LD_LIBRARY_PATH=${libPath}
          mkdir -p $HOME/.stack
          stack build --verbose
          rm -rf $HOME/.stack
        '';
        installPhase = ''
          mkdir -p $out/bin
          mv .stack-work/install/${system}/*/*/bin/${name}-exe $out/bin/${name}
          rm -rf .stack-work
        '';
      };
      mkDB = builtins.readFile ./mkDB.sh;
      killDB = builtins.readFile ./killDB.sh;
    in {

      packages.${system} = {
        ${name} = oms; # nixpkgs.legacyPackages.${system}.${name};
        mkOauth2DB = pkgs.writeScriptBin "mkOauth2DB" ''
          #!${pkgs.zsh}/bin/zsh -e
          ${mkDB}
        '';
        killOauth2DB = pkgs.writeScriptBin "killOauth2DB" ''
          #!${pkgs.zsh}/bin/zsh -e
          ${killDB}
        '';
        default = self.packages.${system}.${name};
      };

      devShells.${system}.default = pkgs.mkShell {
        buildInputs = buildInputs ++ (with self.packages.${system}; [mkOauth2DB killOauth2DB]);
        LD_LIBRARY_PATH = libPath;
        OAUTH2_HBA = ./hba_file;
        OAUTH2_DB_SCHEMA = ./schema.sql;
        OAUTH2_TEST_USERS = ./users.yaml;
        OAUTH2_SERVER_PORT = 9443;
        OAUTH2_DB_PORT = 9444;
        shellHook = ''
          ${mkDB}
          zsh
          ${killDB}
          exit
        '';
      };
    };
  }