import config from "../config.json"
import * as crypto from "./crypto"

addEventListener 'fetch', (event) =>
  event.respondWith handleRequest event

handleRequest = ({ request }) ->
  if request.method is "PUT"
    return handlePUT request

  return new Response "Not Found",
    status: 404

handlePUT = (request) ->
  url = new URL request.url
  if url.searchParams.has "v2"
    valid = await verifySignatureV2 url.searchParams.get("v2"), url, request
    return verifyFailure() unless valid
  return new Response "Valid"

verifyFailure = ->
  return new Response "Invalid signature",
    status: 403

verifySignatureV2 = (sig, url, request) ->
  content_length = request.headers.get "Content-Length"
  content_type = request.headers.get "Content-Type"
  if not (content_length? and content_type?)
    return false

  sign_str = url.pathname[1..] + "\0" + content_length + "\0" + content_type
  local_sig = await crypto.HMAC_SHA256 crypto.utf8Bytes(config.xmpp_secret), sign_str
  local_sig = crypto.hex local_sig

  return local_sig is sig