package schema

// LDAPAuthenticationBackendConfiguration represents the configuration related to LDAP server.
type LDAPAuthenticationBackendConfiguration struct {
	URL                string `mapstructure:"url"`
	SkipVerify         bool   `mapstructure:"skip_verify"`
	BaseDN             string `mapstructure:"base_dn"`
	AdditionalUsersDN  string `mapstructure:"additional_users_dn"`
	UsersFilter        string `mapstructure:"users_filter"`
	AdditionalGroupsDN string `mapstructure:"additional_groups_dn"`
	GroupsFilter       string `mapstructure:"groups_filter"`
	GroupNameAttribute string `mapstructure:"group_name_attribute"`
	UsernameAttribute  string `mapstructure:"username_attribute"`
	MailAttribute      string `mapstructure:"mail_attribute"`
	User               string `mapstructure:"user"`
	Password           string `mapstructure:"password"`
}

// FileAuthenticationBackendConfiguration represents the configuration related to file-based backend
type FileAuthenticationBackendConfiguration struct {
	Path            string                        `mapstructure:"path"`
	PasswordHashing *PasswordHashingConfiguration `mapstructure:"password"`
}

type PasswordHashingConfiguration struct {
	Iterations  int    `mapstructure:"iterations"`
	KeyLength   int    `mapstructure:"key_length"`
	SaltLength  int    `mapstructure:"salt_length"`
	Algorithm   string `mapstrucutre:"algorithm"`
	Memory      int    `mapstructure:"memory"`
	Parallelism int    `mapstructure:"parallelism"`
}

// Default Argon2id Configuration
var DefaultPasswordOptionsConfiguration = PasswordHashingConfiguration{
	Iterations:  1,
	KeyLength:   32,
	SaltLength:  16,
	Algorithm:   "argon2id",
	Memory:      1024,
	Parallelism: 8,
}

// Default Argon2id Configuration for CI testing when calling HashPassword()
var DefaultCIPasswordOptionsConfiguration = PasswordHashingConfiguration{
	Iterations:  1,
	KeyLength:   32,
	SaltLength:  16,
	Algorithm:   "argon2id",
	Memory:      128,
	Parallelism: 8,
}

// Default SHA512 Cofniguration
var DefaultPasswordOptionsSHA512Configuration = PasswordHashingConfiguration{
	Iterations: 50000,
	SaltLength: 16,
	Algorithm:  "sha512",
}

// AuthenticationBackendConfiguration represents the configuration related to the authentication backend.
type AuthenticationBackendConfiguration struct {
	Ldap *LDAPAuthenticationBackendConfiguration `mapstructure:"ldap"`
	File *FileAuthenticationBackendConfiguration `mapstructure:"file"`
}