package auth

import (
	"context"
	"errors"
)

// TokenResponse represents the response containing both access and refresh tokens
type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	ExpiresIn    int64  `json:"expires_in"` // Expiration time in seconds
	TokenType    string `json:"token_type"` // Usually "Bearer"
}

var (
	ErrTokenExpired     = errors.New("token has expired")
	ErrInvalidToken     = errors.New("token is invalid")
	ErrTokenBlacklisted = errors.New("token has been revoked")
)

// Service defines the interface for authentication operations
type Service interface {
	// GenerateToken creates new access and refresh tokens for a user
	GenerateToken(ctx context.Context, clientID string, role string) (*TokenResponse, error)

	// ValidateToken verifies a token and returns the client ID if valid
	ValidateToken(ctx context.Context, token string) (string, error)

	// RefreshToken creates a new access token based on a valid refresh token
	RefreshToken(ctx context.Context, refreshToken string) (*TokenResponse, error)

	// Logout invalidates both access and refresh tokens
	Logout(ctx context.Context, token string) error
}