<?php

declare(strict_types=1);

use GNexus\GAuth\Client\GAuthClient;
use GNexus\GAuth\Config\GAuthConfig;
use GNexus\GAuth\OAuth\HttpTokenEndpoint;
use GNexus\GAuth\Runtime\HttpRuntimeUserProvider;
use GNexus\GAuth\Webhook\HmacWebhookVerifier;
use GNexus\GAuth\Webhook\JsonWebhookParser;

require dirname(__DIR__, 3) . '/vendor/autoload.php';
require __DIR__ . '/stores.php';

session_start();

$config = new GAuthConfig(
    baseUrl: 'https://auth.example.test',
    clientId: 'billing',
    clientSecret: 'replace-me',
    redirectUri: 'https://billing.example.test/callback.php',
    userAgent: 'billing-service/0.1',
);

/*
|--------------------------------------------------------------------------
| Replace these placeholders with real PSR implementations
|--------------------------------------------------------------------------
|
| Example choices after extraction:
| - GuzzleHttp\Client as PSR-18 client
| - Nyholm\Psr7\Factory\Psr17Factory for request/stream factories
|
*/

$httpClient = null;
$requestFactory = null;
$streamFactory = null;

if ($httpClient === null || $requestFactory === null || $streamFactory === null) {
    throw new RuntimeException('Wire real PSR-18 and PSR-17 implementations in examples/plain-php/bootstrap.php');
}

return new GAuthClient(
    config: $config,
    tokenEndpoint: new HttpTokenEndpoint($config, $httpClient, $requestFactory, $streamFactory),
    runtimeUserProvider: new HttpRuntimeUserProvider($config, $httpClient, $requestFactory),
    webhookVerifier: new HmacWebhookVerifier($config),
    webhookParser: new JsonWebhookParser(),
    stateStore: new SessionStateStore(),
    pkceStore: new SessionPkceStore(),
);