//go:build standalone

package checker

import (
	"errors"
	"net/http"
	"strconv"
	"strings"

	sdk "git.happydns.org/checker-sdk-go/checker"
)

// RenderForm implements server.Interactive. It exposes the same option
// set as /evaluate, minus the AutoFill hint on `domain` (the human is the
// one filling it in) and with a sensible default timeout.
func (p *ldapProvider) RenderForm() []sdk.CheckerOptionField {
	return []sdk.CheckerOptionField{
		{
			Id:          "domain",
			Type:        "string",
			Label:       "Domain",
			Placeholder: "example.com",
			Required:    true,
		},
		{
			Id:      "timeout",
			Type:    "number",
			Label:   "Per-endpoint timeout (seconds)",
			Default: 10,
		},
		{
			Id:          "bind_dn",
			Type:        "string",
			Label:       "Bind DN",
			Placeholder: "cn=reader,dc=example,dc=com",
			Description: "Optional. When set (with bind_password), the checker performs an authenticated bind over TLS and reports whether the directory accepts the provided credentials.",
		},
		{
			Id:          "bind_password",
			Type:        "string",
			Label:       "Bind password",
			Secret:      true,
			Description: "Optional. Only used when bind_dn is set. The password is not persisted in the observation payload.",
		},
		{
			Id:          "base_dn",
			Type:        "string",
			Label:       "Base DN (read test)",
			Placeholder: "dc=example,dc=com",
			Description: "Optional. When set, the checker runs a baseObject search on this DN after a successful bind to verify the account has read access.",
		},
	}
}

// ParseForm implements server.Interactive. Collect handles its own SRV
// and A/AAAA lookups, so the form only needs to forward the user-supplied
// values -- no extra host-side resolution is required here.
func (p *ldapProvider) ParseForm(r *http.Request) (sdk.CheckerOptions, error) {
	domain := strings.TrimSpace(r.FormValue("domain"))
	if domain == "" {
		return nil, errors.New("domain is required")
	}
	opts := sdk.CheckerOptions{"domain": domain}
	if v := strings.TrimSpace(r.FormValue("timeout")); v != "" {
		f, err := strconv.ParseFloat(v, 64)
		if err != nil {
			return nil, errors.New("timeout must be a number")
		}
		opts["timeout"] = f
	}
	if v := strings.TrimSpace(r.FormValue("bind_dn")); v != "" {
		opts["bind_dn"] = v
	}
	if v := r.FormValue("bind_password"); v != "" {
		opts["bind_password"] = v
	}
	if v := strings.TrimSpace(r.FormValue("base_dn")); v != "" {
		opts["base_dn"] = v
	}
	return opts, nil
}