const crypto = require("node:crypto")

function decodeSASL(base64Payload) {
    try {
        const buffer = Buffer.from(base64Payload, "base64")
        const parts = [];
        let lastPos = 0;

        for (let i = 0; i < buffer.length; i++) {
            if (buffer[i] === 0) {
                parts.push(buffer.slice(lastPos, i).toString("utf8"))
                lastPos = i + 1
            }
        }
        parts.push(buffer.slice(lastPos).toString("utf8"))

        return { user: parts[1], pass: parts[2] }
    } catch (e) {
        return null
    }
}

function safeCompare(input, actual) {
    if (!input || !actual || input.length !== actual.length) {
        return false
    }
    return crypto.timingSafeEqual(Buffer.from(input), Buffer.from(actual))
}

function authenticate(identity, secret, type = "PASSWORD") {
    const mockUser = {
        username: "azures",
        password: "Password123@",
        token: "tanit_tk_998877"
    };

    if (type === "TOKEN") {
        return safeCompare(secret, mockUser.token)
    }

    return safeCompare(identity, mockUser.username) && safeCompare(secret, mockUser.password)
}

module.exports = {
    decodeSASL,
    authenticate
}