/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

/**
 * This file is a port of a subset of Chromium's implementation from
 * https://cs.chromium.org/chromium/src/components/password_manager/core/browser/generation/password_generator.cc?l=93&rcl=a896a3ac4ea731b5ab3d2ab5bd76a139885d5c4f
 * which is Copyright 2018 The Chromium Authors. All rights reserved.
 */

const DEFAULT_PASSWORD_LENGTH = 15;
const MAX_UINT8 = Math.pow(2, 8) - 1;
const MAX_UINT32 = Math.pow(2, 32) - 1;

// Some characters are removed due to visual similarity:
const LOWER_CASE_ALPHA = "abcdefghijkmnpqrstuvwxyz"; // no 'l' or 'o'
const UPPER_CASE_ALPHA = "ABCDEFGHJKLMNPQRSTUVWXYZ"; // no 'I' or 'O'
const DIGITS = "23456789"; // no '1' or '0'
const SPECIAL_CHARACTERS = "-~!@#$%^&*_+=)}:;\"'>,.?]";

const REQUIRED_CHARACTER_CLASSES = [
  LOWER_CASE_ALPHA,
  UPPER_CASE_ALPHA,
  DIGITS,
  SPECIAL_CHARACTERS,
];

// Consts for different password rules
const REQUIRED = "required";
const MAX_LENGTH = "maxlength";
const MIN_LENGTH = "minlength";
const MAX_CONSECUTIVE = "max-consecutive";
const UPPER = "upper";
const LOWER = "lower";
const DIGIT = "digit";
const SPECIAL = "special";

// Default password rules
const DEFAULT_RULES = new Map();
DEFAULT_RULES.set(MIN_LENGTH, REQUIRED_CHARACTER_CLASSES.length);
DEFAULT_RULES.set(MAX_LENGTH, MAX_UINT8);
DEFAULT_RULES.set(REQUIRED, [UPPER, LOWER, DIGIT, SPECIAL]);

export const PasswordGenerator = {
  /**
   * @param {Object} options
   * @param {number} options.length - length of the generated password if there are no rules that override the length
   * @param {Map} options.rules - map of password rules
   * @returns {string} password that was generated
   * @throws Error if `length` is invalid
   * @copyright 2018 The Chromium Authors. All rights reserved.
   * @see https://cs.chromium.org/chromium/src/components/password_manager/core/browser/generation/password_generator.cc?l=93&rcl=a896a3ac4ea731b5ab3d2ab5bd76a139885d5c4f
   */
  generatePassword({
    length = DEFAULT_PASSWORD_LENGTH,
    rules = DEFAULT_RULES,
    inputMaxLength,
  }) {
    rules = new Map([...DEFAULT_RULES, ...rules]);
    if (rules.get(MIN_LENGTH) > length) {
      length = rules.get(MIN_LENGTH);
    }
    if (rules.get(MAX_LENGTH) < length) {
      length = rules.get(MAX_LENGTH);
    }
    if (inputMaxLength > 0 && inputMaxLength < length) {
      length = inputMaxLength;
    }

    let password = "";
    let requiredClasses = [];
    let allRequiredCharacters = "";

    // Generate one character of each required class and/or required character list from the rules
    this._addRequiredClassesAndCharacters(rules, requiredClasses);

    // Generate one of each required class
    for (const charClassString of requiredClasses) {
      password +=
        charClassString[this._randomUInt8Index(charClassString.length)];
      if (Array.isArray(charClassString)) {
        // Convert array into single string so that commas aren't
        // concatenated with each character in the arbitrary character array.
        allRequiredCharacters += charClassString.join("");
      } else {
        allRequiredCharacters += charClassString;
      }
    }

    // Now fill the rest of the password with random characters.
    while (password.length < length) {
      password +=
        allRequiredCharacters[
          this._randomUInt8Index(allRequiredCharacters.length)
        ];
    }

    // So far the password contains the minimally required characters at the
    // the beginning. Therefore, we create a random permutation.
    password = this._shuffleString(password);

    // Make sure the password passes the "max-consecutive" rule, if the rule exists
    if (rules.has(MAX_CONSECUTIVE)) {
      // Ensures that a password isn't shuffled an infinite number of times.
      const DEFAULT_NUMBER_OF_SHUFFLES = 15;
      let shuffleCount = 0;
      let consecutiveFlag = this._checkConsecutiveCharacters(
        password,
        rules.get(MAX_CONSECUTIVE)
      );
      while (!consecutiveFlag) {
        password = this._shuffleString(password);
        consecutiveFlag = this._checkConsecutiveCharacters(
          password,
          rules.get(MAX_CONSECUTIVE)
        );
        ++shuffleCount;
        if (shuffleCount === DEFAULT_NUMBER_OF_SHUFFLES) {
          consecutiveFlag = true;
        }
      }
    }

    return password;
  },

  /**
   * Adds special characters and/or other required characters to the requiredCharacters array.
   * @param {Map} rules
   * @param {string[]} requiredClasses
   */
  _addRequiredClassesAndCharacters(rules, requiredClasses) {
    for (const charClass of rules.get(REQUIRED)) {
      if (charClass === UPPER) {
        requiredClasses.push(UPPER_CASE_ALPHA);
      } else if (charClass === LOWER) {
        requiredClasses.push(LOWER_CASE_ALPHA);
      } else if (charClass === DIGIT) {
        requiredClasses.push(DIGITS);
      } else if (charClass === SPECIAL) {
        requiredClasses.push(SPECIAL_CHARACTERS);
      } else {
        requiredClasses.push(charClass);
      }
    }
  },

  /**
   * @param range to generate the number in
   * @returns a random number in range [0, range).
   * @copyright 2018 The Chromium Authors. All rights reserved.
   * @see https://cs.chromium.org/chromium/src/base/rand_util.cc?l=58&rcl=648a59893e4ed5303b5c381b03ce0c75e4165617
   */
  _randomUInt8Index(range) {
    if (range > MAX_UINT8) {
      throw new Error("`range` cannot fit into uint8");
    }
    // We must discard random results above this number, as they would
    // make the random generator non-uniform (consider e.g. if
    // MAX_UINT64 was 7 and |range| was 5, then a result of 1 would be twice
    // as likely as a result of 3 or 4).
    // See https://en.wikipedia.org/wiki/Fisher%E2%80%93Yates_shuffle#Modulo_bias
    const MAX_ACCEPTABLE_VALUE = Math.floor(MAX_UINT8 / range) * range - 1;

    const randomValueArr = new Uint8Array(1);
    do {
      crypto.getRandomValues(randomValueArr);
    } while (randomValueArr[0] > MAX_ACCEPTABLE_VALUE);
    return randomValueArr[0] % range;
  },

  /**
   * Shuffle the order of characters in a string.
   * @param {string} str to shuffle
   * @returns {string} shuffled string
   */
  _shuffleString(str) {
    let arr = Array.from(str);
    // Generate all the random numbers that will be needed.
    const randomValues = new Uint32Array(arr.length - 1);
    crypto.getRandomValues(randomValues);

    // Fisher-Yates Shuffle
    // https://en.wikipedia.org/wiki/Fisher%E2%80%93Yates_shuffle
    for (let i = arr.length - 1; i > 0; i--) {
      const j = Math.floor((randomValues[i - 1] / MAX_UINT32) * (i + 1));
      [arr[i], arr[j]] = [arr[j], arr[i]];
    }
    return arr.join("");
  },

  /**
   * Determine the number of consecutive characters in a string.
   * This is primarily used to validate the "max-consecutive" rule
   * of a generated password.
   * @param {string} generatedPassword
   * @param {number} value the number of consecutive characters allowed
   * @return {boolean} `true` if the generatePassword has less than the value argument number of characters, `false` otherwise
   */
  _checkConsecutiveCharacters(generatedPassword, value) {
    let max = 0;
    for (let start = 0, end = 1; end < generatedPassword.length; ) {
      if (generatedPassword[end] === generatedPassword[start]) {
        if (max < end - start + 1) {
          max = end - start + 1;
          if (max > value) {
            return false;
          }
        }
        end++;
      } else {
        start = end++;
      }
    }
    return true;
  },
  _getUpperCaseCharacters() {
    return UPPER_CASE_ALPHA;
  },
  _getLowerCaseCharacters() {
    return LOWER_CASE_ALPHA;
  },
  _getDigits() {
    return DIGITS;
  },
  _getSpecialCharacters() {
    return SPECIAL_CHARACTERS;
  },
};