import crypto from "crypto";

console.log(`
Generating Private Keys
-----------------
This script will go through and generate all the keys necessary for running the Credential Manager API locally.
This process might take several minutes.
-----------------`);

const keyFiles = [
  ".accessToken.key",
  ".refreshToken.key",
  ".permissions.key",
  ".secureValues.key",
];

const publicDir = "public-keys";

await Promise.all(
  keyFiles.map(async (v) => {
    const privExists = await Bun.file(v)
      .exists()
      .then((bool) => {
        if (bool) {
          console.log(`'${v}' already exists`);
          return true;
        }
        return false;
      });

    const pubPath = `${publicDir}/${v.replace(/\.key$/, ".pub")}`;
    const pubExists = await Bun.file(pubPath)
      .exists()
      .then((bool) => {
        if (bool) {
          console.log(`'${pubPath}' already exists`);
          return true;
        }
        return false;
      });

    if (!privExists || !pubExists) {
      // Always regenerate both files together to ensure the key pair matches
      console.log(`Generating '${v}' and '${pubPath}'...`);
      const { privateKey, publicKey } = crypto.generateKeyPairSync("rsa", {
        modulusLength: 4096,
        privateKeyEncoding: { type: "pkcs8", format: "pem" },
        publicKeyEncoding: { type: "spki", format: "pem" },
      });
      await Bun.write(v, privateKey);
      await Bun.write(pubPath, publicKey);
    }
    return;
  }),
);

console.log("\nGenerated All Keys Successfully!");