<?php
namespace Opencart\Catalog\Controller\Extension\Hutko\Payment;

class Hutko extends \Opencart\System\Engine\Controller {
	private $checkout_url = 'https://pay.hutko.org/api/checkout/url/';

	public function index(): string {
		$this->load->language('extension/hutko/payment/hutko');
		return $this->load->view('extension/hutko/payment/hutko', ['language' => $this->config->get('config_language')]);
	}

	public function confirm(): void {
		// Load language here so 'text_redirecting_comment' is available
		$this->load->language('extension/hutko/payment/hutko');
		$this->load->model('checkout/order');
		
		$json = [];

		if (!isset($this->session->data['order_id'])) {
			$json['error'] = 'Session missing';
			$json['redirect'] = $this->url->link('checkout/failure', 'language=' . $this->config->get('config_language'), true);
		} else {
			$order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']);
			
			if (!$order_info) {
				$json['error'] = 'Order missing';
			} else {
				$request_data = $this->buildRequest($order_info);
				
				if (!$request_data) {
					$json['error'] = $this->language->get('error_payment_data_build');
				} else {
					$this->load->model('extension/hutko/payment/hutko');
					$this->model_extension_hutko_payment_hutko->addHutkoOrder($order_info['order_id'], $request_data['order_id']);

					$response = $this->api($this->checkout_url, $request_data);

					if (($response['response']['response_status'] ?? '') === 'success' && !empty($response['response']['checkout_url'])) {
						// Language keys are loaded now, so this will contain actual text
						$comment = sprintf($this->language->get('text_redirecting_comment'), $request_data['order_id'], $response['response']['checkout_url']);
						$this->model_checkout_order->addHistory($order_info['order_id'], $this->config->get('payment_hutko_new_order_status_id'), $comment, false);
						
						$json['redirect'] = $response['response']['checkout_url'];
					} else {
						$err = $response['response']['error_message'] ?? $this->language->get('error_api_communication');
						$json['error'] = $err;
						$this->logOC('Checkout Error: ' . $err);
					}
				}
			}
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	public function callback(): void {
		// IMPORTANT: Load language for status translations (e.g. text_payment_approved)
		$this->load->language('extension/hutko/payment/hutko');
		
		$input = file_get_contents("php://input");
		$data = json_decode($input, true);

		if ($this->config->get('payment_hutko_save_logs')) {
			$this->logOC('Callback: ' . $input);
		}

		if (!$data || !$this->validate($data)) {
			http_response_code(400);
			exit('Invalid Request');
		}

		$parts = explode('#', $data['order_id']);
		$order_id = (int)$parts[0];
		
		$this->load->model('checkout/order');
		$order_info = $this->model_checkout_order->getOrder($order_id);

		if ($order_info) {
			$status = $data['order_status'] ?? '';
			$comment_details = "Hutko Order ID: " . $data['order_id'] . ". Status: " . $status . ". ";
			
			$current_status_id = $order_info['order_status_id'];
			
			if ($status === 'approved') {
				if (isset($data['response_status']) && $data['response_status'] == 'success' && (!isset($data['reversal_amount']) || (int)$data['reversal_amount'] === 0)) {
					$target = (int)$this->config->get('payment_hutko_success_status_id');
					if ($current_status_id != $target) {
						$msg = $this->language->get('text_payment_approved') . ' ' . $comment_details;
						$this->model_checkout_order->addHistory($order_id, $target, $msg, true);
					}
					echo "OK";
				} else {
					echo "Approved but invalid details";
				}
			} elseif ($status === 'declined') {
				$target = (int)$this->config->get('payment_hutko_declined_status_id');
				if ($current_status_id != $target) {
					$msg = $this->language->get('text_payment_declined') . ' ' . $comment_details;
					$this->model_checkout_order->addHistory($order_id, $target, $msg, true);
				}
				echo "Order declined";
			} elseif ($status === 'expired') {
				$target = (int)$this->config->get('payment_hutko_expired_status_id');
				if ($current_status_id != $target) {
					$msg = $this->language->get('text_payment_expired') . ' ' . $comment_details;
					$this->model_checkout_order->addHistory($order_id, $target, $msg, true);
				}
				echo "Order expired";
			} else {
				echo "Status received";
			}
		} else {
			http_response_code(404);
			echo "Order not found";
		}
	}

	private function buildRequest($order) {
		$ref = $order['order_id'] . '#' . time();
		
		$products_data = $this->getProducts($order['order_id'], $order);
		
		$total_products_sum = 0;
		foreach ($products_data as $p) {
			$total_products_sum += $p['total_amount'];
		}

		$totals_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_total WHERE order_id = '" . (int)$order['order_id'] . "' ORDER BY sort_order ASC");
		$shipping_cost = 0;
		foreach ($totals_query->rows as $t) {
			if ($t['code'] == 'shipping') {
				$shipping_cost += $this->currency->format($t['value'], $order['currency_code'], $order['currency_value'], false);
			}
		}

		$order_total_val = $this->currency->format($order['total'], $order['currency_code'], $order['currency_value'], false);
		
		if ($this->config->get('payment_hutko_include_discount_to_total')) {
			$amount_val = $order_total_val;
			if (!$this->config->get('payment_hutko_shipping_include')) {
				$amount_val -= $shipping_cost;
			}
		} else {
			$amount_val = $total_products_sum;
		}

		if ($amount_val < 0.01) $amount_val = 0.01;
		$total_cents = (int)round($amount_val * 100);

		$reservation_data = [
			"cms_name"         => "OpenCart",
			"cms_version"      => VERSION,
			"shop_domain"      => preg_replace("(^https?://)", "", HTTP_SERVER),
			"phonemobile"      => $order['telephone'],
			"customer_address" => $order['payment_address_1'] . ' ' . $order['payment_address_2'],
			"customer_country" => $order['shipping_iso_code_2'],
			"customer_name"    => $order['firstname'] . ' ' . $order['lastname'],
			"customer_email"   => $order['email'],
			"products"         => $products_data
		];

		$data = [
			'order_id'            => $ref,
			'merchant_id'         => $this->config->get('payment_hutko_merchant_id'),
			'amount'              => $total_cents,
			'currency'            => $order['currency_code'],
			'order_desc'          => 'Order #' . $order['order_id'],
			'response_url'        => $this->url->link('checkout/success', 'language=' . $this->config->get('config_language'), true),
			'server_callback_url' => $this->url->link('extension/hutko/payment/hutko.callback', '', true),
			'sender_email'        => $order['email'],
			'reservation_data'    => base64_encode(json_encode($reservation_data))
		];
		
		$data['signature'] = $this->sign($data);
		return $data;
	}

	private function getProducts(int $order_id, array $order_info): array {
		$products_data = [];
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_product` WHERE `order_id` = '" . (int)$order_id . "'");

		foreach ($query->rows as $product) {
			$unit_price = $this->currency->format($product['price'] + $product['tax'], $order_info['currency_code'], $order_info['currency_value'], false);
			$total_price = $this->currency->format($product['total'] + ($product['tax'] * $product['quantity']), $order_info['currency_code'], $order_info['currency_value'], false);

			$products_data[] = [
				"id"           => $product['product_id'],
				"name"         => $product['name'] . ' ' . $product['model'],
				"price"        => round((float)$unit_price, 2),
				"total_amount" => round((float)$total_price, 2),
				"quantity"     => (int)$product['quantity'],
			];
		}

		if ($this->config->get('payment_hutko_shipping_include')) {
			$totals = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_total WHERE order_id = '" . (int)$order_id . "' AND code = 'shipping'");
			if ($totals->num_rows) {
				$shipping_val = $this->currency->format($totals->row['value'], $order_info['currency_code'], $order_info['currency_value'], false);
				if ($shipping_val > 0) {
					$products_data[] = [
						"id"           => $this->config->get('payment_hutko_shipping_product_code') ?: 'SHIPPING',
						"name"         => $this->config->get('payment_hutko_shipping_product_name') ?: 'Shipping',
						"price"        => round((float)$shipping_val, 2),
						"total_amount" => round((float)$shipping_val, 2),
						"quantity"     => 1,
					];
				}
			}
		}
		return $products_data;
	}

	private function sign($data) {
		$key = $this->config->get('payment_hutko_secret_key');
		$arr = array_filter($data, function($v){ return $v !== '' && $v !== null; });
		ksort($arr);
		$str = $key;
		foreach($arr as $v) $str .= '|' . $v;
		return sha1($str);
	}
	
	private function validate($data) {
		$sig = $data['signature'] ?? '';
		unset($data['signature'], $data['response_signature_string']);
		return hash_equals($this->sign($data), $sig);
	}

	private function api($url, $data) {
		if ($this->config->get('payment_hutko_save_logs')) $this->logOC('Req: ' . json_encode($data));

		$ch = curl_init($url);
		curl_setopt($ch, CURLOPT_POST, 1);
		curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['request' => $data]));
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
		curl_setopt($ch, CURLOPT_TIMEOUT, 30);
		
		$res = curl_exec($ch);
		$error = curl_error($ch);
		curl_close($ch);

		if ($this->config->get('payment_hutko_save_logs')) {
			$this->logOC('Res: ' . $res);
			if ($error) $this->logOC('Curl Error: ' . $error);
		}
		
		return json_decode($res, true) ?: [];
	}

	private function logOC($msg) {
		$this->log->write("Hutko Payment: " . $msg);
	}
}