#pragma once
// src/wg/wgconfig.h — WireGuard .conf parser for Artemis (C++17, no Qt).
//
// Parses the standard wg-quick .conf format:
//
//   [Interface]
//   PrivateKey = <base64>
//   Address    = 10.99.0.3/24
//   DNS        = 10.99.0.1
//
//   [Peer]
//   PublicKey           = <base64>
//   PresharedKey        = <base64>           # optional
//   Endpoint            = relay.example.com:51820
//   AllowedIPs          = 10.99.0.0/24
//   PersistentKeepalive = 25

#include <cstdint>
#include <string>
#include <vector>

namespace wg {

class Config {
public:
    // Parse from a .conf file on disk.  Returns false and sets errOut on error.
    static bool fromFile(const std::string &path, Config &out, std::string &errOut);

    // Parse from an in-memory string (e.g. from an API response).
    static bool fromString(const std::string &conf, Config &out, std::string &errOut);

    // ── [Interface] ──────────────────────────────────────────────────────────

    // Base64-encoded Curve25519 private key.
    const std::string &privateKey()  const { return m_privateKey;  }

    // Interface address in CIDR notation, e.g. "10.99.0.3/24".
    const std::string &address()     const { return m_address;     }

    // Address stripped of prefix length, e.g. "10.99.0.3".
    std::string addressIP() const;

    // Prefix length from address CIDR, e.g. 24.
    int addressPrefix() const;

    // ── [Peer] ───────────────────────────────────────────────────────────────

    // Base64-encoded Curve25519 public key of the relay server peer.
    const std::string &peerPublicKey()   const { return m_peerPubKey;   }

    // Optional pre-shared key.
    const std::string &presharedKey()    const { return m_presharedKey; }

    // Peer endpoint hostname or IP address (no port).
    std::string endpointHost() const;

    // Peer endpoint port.
    int endpointPort() const;

    // AllowedIPs list (typically ["10.99.0.0/24"] for split tunnel).
    const std::vector<std::string> &allowedIPs() const { return m_allowedIPs; }

    // PersistentKeepalive interval in seconds (0 = disabled).
    int persistentKeepalive() const { return m_keepalive; }

    bool valid() const { return m_valid; }

private:
    bool          m_valid        = false;
    std::string   m_privateKey;
    std::string   m_address;
    std::string   m_peerPubKey;
    std::string   m_presharedKey;
    std::string   m_endpoint;      // raw "host:port" or "[host]:port"
    std::vector<std::string> m_allowedIPs;
    int           m_keepalive     = 25;

    static bool parse(const std::string &text, Config &out, std::string &errOut);
};

} // namespace wg