const nacl = require('tweetnacl');
const { Buffer } = require('buffer');
const { BOT_SECRET } = require('../config');

function getKeyPairFromSecret(secret) {
  let seed = secret;
  while (seed.length < 32) seed += secret;
  seed = seed.slice(0, 32);
  const seedUint8 = Buffer.from(seed, 'utf-8');
  return nacl.sign.keyPair.fromSeed(seedUint8);
}

function generateCallbackSignature(event_ts, plain_token) {
  const keyPair = getKeyPairFromSecret(BOT_SECRET);
  const privateKey = keyPair.secretKey;
  const msgToSign = Buffer.concat([
    Buffer.from(String(event_ts), 'utf-8'),
    Buffer.from(plain_token, 'utf-8')
  ]);
  return Buffer.from(nacl.sign.detached(msgToSign, privateKey)).toString('hex');
}

function verifySignature(timestamp, rawBody, signature) {
  const keyPair = getKeyPairFromSecret(BOT_SECRET);
  const publicKey = keyPair.publicKey;
  const msg = Buffer.from(timestamp + rawBody.toString('utf-8'));
  return nacl.sign.detached.verify(
    msg,
    Buffer.from(signature, 'hex'),
    publicKey
  );
}

module.exports = {
  generateCallbackSignature,
  verifySignature,
};