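// Command main boots a Temporal server whose API calls are authorized from
// JWT claims, using Temporal's default authorizer and default JWT claim mapper.
package main

import (
	"fmt"
	"log"
	"os"

	"go.temporal.io/server/common/authorization"
	"go.temporal.io/server/common/config"
	templog "go.temporal.io/server/common/log"
	"go.temporal.io/server/temporal"
)

// main runs the server and exits non-zero with the error message on failure.
//
// All work lives in run so that its deferred cleanup executes before the
// process exits: log.Fatal calls os.Exit, which skips any pending defers in
// the function that calls it.
func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}

// run loads the Temporal configuration, builds the server with JWT-based
// authorization, and starts it. It returns a wrapped error naming the step
// that failed ("load config", "setup server" or "start server").
func run() error {
	// The config environment and directory are taken from the process
	// environment. The loaded config carries the authorization settings used
	// below, so the directory it is read from should be writable only by
	// trusted operators.
	configEnv := envOrDefault("TEMPORAL_CONFIG_ENV", "development")
	configDir := envOrDefault("TEMPORAL_CONFIG_DIR", "./config")

	// The third argument is left empty; presumably the zone (confirm against
	// config.LoadConfig).
	cfg, err := config.LoadConfig(configEnv, configDir, "")
	if err != nil {
		return fmt.Errorf("load config: %w", err)
	}

	logger := templog.NewCLILogger()

	srv, err := temporal.NewServer(
		temporal.ForServices(temporal.DefaultServices),
		temporal.WithConfig(cfg),
		temporal.WithLogger(logger),
		temporal.InterruptOn(temporal.InterruptCh()),
		// Authorization decisions are made by the default authorizer from the
		// claims that the claim mapper below extracts from each request.
		temporal.WithAuthorizer(authorization.NewDefaultAuthorizer()),
		temporal.WithClaimMapper(func(serverCfg *config.Config) authorization.ClaimMapper {
			return authorization.NewDefaultJWTClaimMapper(
				// token key provider - fetches public keys from the OIDC provider
				authorization.NewDefaultTokenKeyProvider(&serverCfg.Global.Authorization, logger),
				&serverCfg.Global.Authorization,
				logger,
			)
		}),
		// NOTE(review): the expected audience comes straight from config. If it
		// is empty, the JWT "aud" claim is presumably not validated, so tokens
		// issued for other services by the same provider may be accepted.
		// Confirm against the claim mapper and set an audience in production.
		temporal.WithAudienceGetter(func(serverCfg *config.Config) authorization.JWTAudienceMapper {
			return authorization.NewAudienceMapper(serverCfg.Global.Authorization.Audience)
		}),
	)
	if err != nil {
		return fmt.Errorf("setup server: %w", err)
	}
	// Runs on every return path below, including a failed Start.
	defer srv.Stop()

	if err := srv.Start(); err != nil {
		return fmt.Errorf("start server: %w", err)
	}
	return nil
}

// envOrDefault returns the value of the environment variable key, or fallback
// when the variable is unset or set to the empty string.
func envOrDefault(key, fallback string) string {
	if value := os.Getenv(key); value != "" {
		return value
	}
	return fallback
}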