package licensing

import (
	"errors"

	"github.com/yuanyuanxiang/SimpleRemoter/server/go/protocol"
)

// LocalSigner signs directly with the deployment's HMAC master key. The
// operator's own Go server runs in this mode; it also serves as License
// Server for any RemoteSigner customer deployments (LicenseServer in
// server.go reuses the same Signer instance via its public Sign() method).
//
// Sign is HMAC-SHA256 in microseconds — no I/O, no caching needed.
type LocalSigner struct {
	masterKey string
}

// minMasterKeyLen rejects obviously-broken HMAC keys (empty string, "x").
// Real keys are typically `openssl rand -hex 32` (64 chars); 16 bytes is
// the floor we'll accept to catch fat-finger configs without being too
// strict for tests.
const minMasterKeyLen = 16

// NewLocal returns a LocalSigner. An empty or too-short masterKey is a
// configuration bug — silently accepting it would produce stable but
// worthless HMAC output, so we reject at construction.
func NewLocal(masterKey string) (*LocalSigner, error) {
	if masterKey == "" {
		return nil, errors.New("LocalSigner: master HMAC key is empty (set YAMA_SIGN_PASSWORD)")
	}
	if len(masterKey) < minMasterKeyLen {
		return nil, errors.New("LocalSigner: master HMAC key too short (need >= 16 chars)")
	}
	return &LocalSigner{masterKey: masterKey}, nil
}

func (l *LocalSigner) Sign(startTime, clientID string) (string, error) {
	msg := startTime + "|" + clientID
	return protocol.SignMessage(l.masterKey, []byte(msg)), nil
}

func (l *LocalSigner) Mode() string { return "local" }

func (l *LocalSigner) Close() error { return nil }