package kms

import (
	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/credentials"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/kms"
	"net/http"
	"wallet-system/internal/conf"
	"wallet-system/internal/pkg/logging/applogger"
)

// KmsClient
// @Description:
type KmsClient struct {
	KmsC *kms.KMS
}

// NewKms
//
//	@Description:
//	@param a
//	@return *KmsClient
//	@return error
func NewKms(a *conf.Aws) (*KmsClient, error) {
	k := new(KmsClient)
	// 创建自定义的 AWS 配置
	awsConfig := &aws.Config{
		Region: aws.String(a.Set.Region), // 设置 AWS 区域
		Credentials: credentials.NewStaticCredentials(
			a.Set.Id,     // 替换为您的访问密钥 ID
			a.Set.Secret, // 替换为您的访问密钥
			a.Set.Token), // 提供一个可选的令牌 (token)，如果您使用 MFA
		DisableSSL:       aws.Bool(false), // 通过 HTTPS 进行连接
		S3ForcePathStyle: aws.Bool(true),  // 使用路径样式的 URL
		HTTPClient:       &http.Client{},  // 自定义 HTTP 客户端，可选
	}

	// 创建 AWS 会话
	sess, err := session.NewSession(awsConfig)
	if err != nil {
		applogger.Error("creat Aws-Kms NewSession err:%v", err)
		return nil, err
	}

	// 创建KMS客户端
	kmsClient := kms.New(sess)

	k.KmsC = kmsClient

	return k, nil
}