package utils

import (
	"fmt"

	"github.com/aliyun/alibaba-cloud-sdk-go/services/sts"

	"gitlab.alibaba-inc.com/pai_biz_arch/pairec/log"
	"gitlab.alibaba-inc.com/pai_biz_arch/pairec/recconf"
)

var (
	accessKeyId     = "LTAIm398VwCMfDhK"
	accessKeySecret = "vFNt9TQTQTlbzwtzlIH4HTegWHqJrw"
	EndpointMap     = map[string]string{
		"cn-beijing": "sts-vpc.cn-beijing.aliyuncs.com",
	}
)

func AssumedRoleUser(regionId, rolearn, roleSessionName string) (*sts.AssumeRoleResponse, error) {
	client, err := sts.NewClientWithAccessKey(regionId, accessKeyId, accessKeySecret)
	if err != nil {
		log.Error(fmt.Sprintf("error=%v", err))
		return nil, err
	}
	client.SetHTTPSInsecure(true)
	if recconf.Config.RunMode == "production" {
		if endpoint, ok := EndpointMap[regionId]; ok {
			client.Domain = endpoint
		}
	} else {
		client.Domain = "sts.cn-beijing.aliyuncs.com"
	}
	// client.Domain = "sts.cn-beijing.aliyuncs.com"

	request := sts.CreateAssumeRoleRequest()
	request.RoleSessionName = roleSessionName
	request.RoleArn = rolearn
	request.DurationSeconds = "3600"
	request.SetScheme("https")

	response, err := client.AssumeRole(request)
	if err != nil {
		log.Error(fmt.Sprintf("error=%v", err))
		return nil, err
	}

	fmt.Println("AssumedRoleUser", client, response)
	return response, nil
}