#!/usr/bin/env node
import { readFileSync } from 'node:fs';
import { resolve, dirname } from 'node:path';
import { fileURLToPath } from 'node:url';

const root = resolve(dirname(fileURLToPath(import.meta.url)), '..');

function loadEnv(path) {
  try {
    return Object.fromEntries(
      readFileSync(path, 'utf8')
        .split('\n')
        .filter((line) => line && !line.startsWith('#'))
        .map((line) => {
          const i = line.indexOf('=');
          return [line.slice(0, i).trim(), line.slice(i + 1).trim()];
        }),
    );
  } catch {
    return {};
  }
}

const env = loadEnv(resolve(root, 'frontend/.env'));
const base = env.VITE_AUTHENTIK_URL || 'http://127.0.0.1:9000';
const slug = env.VITE_OIDC_APP_SLUG || 'oidc-demo';
const authority =
  env.VITE_OIDC_AUTHORITY ||
  `${base.replace(/\/+$/, '')}/application/o/${slug}/`;
const discovery = `${authority.replace(/\/?$/, '/')}.well-known/openid-configuration`;

console.log(`Checking ${discovery}`);

try {
  const res = await fetch(discovery);
  if (!res.ok) {
    console.error(`Failed: HTTP ${res.status}`);
    process.exit(1);
  }
  const json = await res.json();
  console.log('OK — issuer:', json.issuer);
} catch (err) {
  console.error('Failed to fetch:', err.message);
  console.error('\nStart Authentik: cd deploy && ./start-authentik.sh');
  process.exit(1);
}