<?php

/**
 * Hutko - Платіжний сервіс, який рухає бізнеси вперед.
 *
 * Запускайтесь, набирайте темп, масштабуйтесь – ми підстрахуємо всюди.
 *
 * @author    panariga
 * @copyright 2025 Hutko
 * @license   http://opensource.org/licenses/afl-3.0.php Academic Free License (AFL 3.0)
 */


if (!defined('_PS_VERSION_')) {
    exit;
}


/**
 * Class HutkoCallbackModuleFrontController
 *
 * This front controller handles the asynchronous callback notifications from the Hutko payment gateway.
 * It is responsible for validating the payment response, updating the order status in PrestaShop,
 * and handling various payment statuses (approved, declined, expired, processing).
 * It also incorporates logic to mitigate race conditions with the customer's return to the result page.
 *
 * @property \Hutko $module An instance of the Hutko module.
 */
class HutkoCallbackModuleFrontController extends ModuleFrontController
{
    /**
     * Handles the post-processing of the payment gateway callback.
     *
     * This method is the entry point for Hutko's server-to-server notifications.
     * It performs the following steps:
     * 1. Parses the incoming request body (from POST or raw input).
     * 2. Validates the integrity of the request using the module's signature validation.
     * 3. Extracts the cart ID and loads the corresponding cart.
     * 4. Checks if the order already exists for the cart. If not, it attempts to validate
     * and create the order, using `postponeCallback` to manage potential race conditions.
     * 5. Based on the `order_status` received in the callback, it updates the PrestaShop
     * order's status (e.g., to success, error, or processing).
     * 6. Logs all significant events and errors using PrestaShopLogger.
     * 7. Exits with a simple string response ('OK' or an error message) as expected by
     * payment gateways.
     *
     * @return void
     */
    public function postProcess(): void
    {
        if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
            exit;
        }
        try {
            // 1. Parse the incoming request body.
            $requestBody = $this->getRequestBody();

            // If request body is empty, log and exit.
            if (empty($requestBody)) {
                PrestaShopLogger::addLog('Hutko Callback: Empty request body received.', 2, null, 'Cart', null, true);
                exit('Empty request');
            }

            // 2. Validate the request signature and required fields.
            // Ensure all expected fields are present before proceeding with validation.
            $requiredFields = ['order_id', 'amount', 'order_status', 'signature', 'merchant_id'];
            foreach ($requiredFields as $field) {
                if (!isset($requestBody[$field])) {
                    PrestaShopLogger::addLog('Hutko Callback: Missing required field in request: ' . $field, 2, null, 'Cart', null, true);
                    exit('Missing parameter: ' . $field);
                }
            }

            // Assuming validateResponse returns true on success, or a string error message on failure.
            $isSignatureValid = $this->module->validateResponse($requestBody);
            if ($isSignatureValid !== true) {
                PrestaShopLogger::addLog('Hutko Callback: Invalid signature. Error: ' . $isSignatureValid, 2, null, 'Cart', null, true);
                exit('Invalid signature');
            }

            // 3. Extract cart ID and load the cart.
            // The order_id is expected to be in the format "cartID|timestamp".
            $transaction_id = $requestBody['order_id'];
            $orderIdParamParts = explode($this->module->order_separator, $transaction_id);
            $cartId = (int)$orderIdParamParts[0]; // Ensure it's an integer

            $cart = new Cart($cartId);

            // Validate cart object.
            if (!Validate::isLoadedObject($cart)) {
                PrestaShopLogger::addLog('Hutko Callback: Cart not found for ID: ' . $cartId, 3, null, 'Cart', $cartId, true);
                exit('Cart not found');
            }

            // 4. Determine the amount received from the callback.
            $amountReceived = round((float)$requestBody['amount'] / 100, 2);

            // 5. Check if the order already exists for this cart.
            $orderId = Order::getIdByCartId($cart->id);
            $orderExists = (bool)$orderId;

            // 6. If the order doesn't exist, attempt to validate it using postponeCallback.
            // This handles the scenario where the callback arrives before the customer returns to the site.
            if (!$orderExists) {
                // The callback function will check for order existence again right before validation
                // to handle potential race conditions.
                $validationCallback = function () use ($cart, $amountReceived, $transaction_id) {
                    // Re-check if the order exists right before validation in case the result controller
                    // created it in the interim while we were waiting for the second digit.
                    if (Order::getIdByCartId($cart->id)) {
                        return true; // Order already exists, no need to validate again.
                    }
                    // If order still doesn't exist, proceed with validation.
                    $idState = (int)Configuration::get('HUTKO_SUCCESS_STATUS_ID');
                    return $this->module->validateOrderFromCart((int)$cart->id, $amountReceived, $transaction_id, $idState);
                };

                // Postpone validation to seconds ending in 8 to avoid collision with result controller (ending in 3).
                $validationResult = $this->module->postponeCallback($validationCallback, 8);

                // Re-fetch order ID after potential validation.
                $orderId = Order::getIdByCartId($cart->id);

                if (!$orderId || !$validationResult) {
                    PrestaShopLogger::addLog('Hutko Callback: Order validation failed for cart ID: ' . $cart->id, 2, null, 'Cart', $cart->id, true);
                    exit('Order validation failed');
                }
            }

            // If we reached here, an order should exist. Load it.
            $order = new Order($orderId);
            if (!Validate::isLoadedObject($order)) {
                PrestaShopLogger::addLog('Hutko Callback: Order could not be loaded for ID: ' . $orderId, 3, null, 'Order', $orderId, true);
                exit('Order not found after validation');
            }

            // 7. Handle payment status from the callback.
            $orderStatusCallback = $requestBody['order_status'];
            $currentOrderState = (int)$order->getCurrentState();

            switch ($orderStatusCallback) {
                case 'approved':
                    $expectedState = (int)Configuration::get('HUTKO_SUCCESS_STATUS_ID');
                    // Only change state if it's not already the success state or "Payment accepted".
                    // "Payment accepted" (PS_OS_PAYMENT) might be set by validateOrderFromCart.
                    if ($currentOrderState !== $expectedState && $currentOrderState !== (int)Configuration::get('PS_OS_PAYMENT')) {
                        $this->module->updateOrderStatus($orderId, $expectedState, 'Payment approved by Hutko.');
                    }
                    exit('OK');
                    break;

                case 'declined':
                    $expectedState = (int)Configuration::get('PS_OS_ERROR');
                    // Only change state if it's not already the error state.
                    if ($currentOrderState !== $expectedState) {
                        $this->module->updateOrderStatus($orderId, $expectedState, 'Payment ' . $orderStatusCallback . ' by Hutko.');
                    }
                    exit('Order ' . $orderStatusCallback);
                    break;
                case 'expired':
                    $expectedState = (int)Configuration::get('PS_OS_ERROR');
                    // Only change state if it's not already the error state.
                    if ($currentOrderState !== $expectedState) {
                        $this->module->updateOrderStatus($orderId, $expectedState, 'Payment ' . $orderStatusCallback . ' by Hutko.');
                    }
                    exit('Order ' . $orderStatusCallback);
                    break;

                case 'processing':
                    // If the order is still processing, we might want to update its status
                    // to a specific 'processing' state if available, or just acknowledge.
                    // For now, if it's not already in a success/error state, set it to 'processing'.
                    $processingState = (int)Configuration::get('PS_OS_PAYMENT'); // Or a custom 'processing' state
                    if ($currentOrderState !== $processingState && $currentOrderState !== (int)Configuration::get('HUTKO_SUCCESS_STATUS_ID') && $currentOrderState !== (int)Configuration::get('PS_OS_ERROR')) {
                        $this->module->updateOrderStatus($orderId, $processingState, 'Payment processing by Hutko.');
                    }
                    exit('Processing');
                    break;

                default:
                    // Log unexpected status and exit with an error.
                    PrestaShopLogger::addLog('Hutko Callback: Unexpected order status received: ' . $orderStatusCallback . ' for order ID: ' . $orderId, 3, null, 'Order', $orderId, true);
                    exit('Unexpected status');
                    break;
            }
        } catch (Exception $e) {
            // Log any uncaught exceptions and exit with the error message.
            PrestaShopLogger::addLog('Hutko Callback Error: ' . $e->getMessage(), 3, null, 'HutkoCallbackModuleFrontController', null, true);
            exit($e->getMessage());
        }
    }

    /**
     * Helper method to parse the request body from POST or raw input.
     *
     * @return array The parsed request body.
     */
    private function getRequestBody(): array
    {
        // Prioritize $_POST for form data.
        if (!empty($_POST)) {
            return $_POST;
        }

        // Fallback to raw input for JSON payloads, common for callbacks.
        $jsonBody = json_decode(Tools::file_get_contents("php://input"), true);
        if (is_array($jsonBody)) {
            return $jsonBody;
        }

        return [];
    }
}