import { Authentication } from '../../../domain/authentication.types';

interface ErrorResponse {
  state?: string;
  error: Authentication.Oauth2.Error;
  error_description?: string;
  error_uri?: string;
}

namespace AuthorizationCode {
  interface AuthorizationRequest {
    response_type: Authentication.Oauth2.ResponseType.Code;
    client_id: string;
    redirect_uri?: string;
    scope?: string;
    state?: string;
  }

  interface AuthorizationResponse {
    code: string; // 10min redis
    state?: string;
  }

  interface AccessTokenRequest {
    grant_type: Authentication.Oauth2.AuthorizationGrant.AuthorizationCode;
    code: string;
    redirect_uri?: string;
    client_id: string;
  }

  interface AccessTokenResponse {
    access_token: string;
    token_type: 'bearer';
    expires_in: number;
    refresh_token?: string;
  }
}

// application/x-www-form-urlencoded 
// Authorization header required if of type `confidential`
// Basic base64(clientId:clientSecret) 
namespace ResourceOwner {
  interface AccessTokenRequest {
    grant_type: Authentication.Oauth2.GrantType.Password;
    username: string;
    password: string;
    scope?: string;
  }
  
  interface AccessTokenResponse {
    access_token: string;
    token_type: 'bearer'; // ?
    expires_in: number;
    refresh_token?: string;
  }
}

// `confidential` only
namespace ClientCredentials {
  interface AccessTokenRequest {
    // grant_type: Authentication.Oauth2.GrantType.ClientCredentials;
    scope?: string;
  }

  interface AccessTokenResponse {
    access_token: string;
    token_type: 'bearer';
    expires_in: number;
  }
}