import hashlib
import hmac
import json
import logging

from odoo import http
from odoo.http import request, Response

_logger = logging.getLogger(__name__)


class AiWebhookController(http.Controller):

    @http.route('/ai/webhook/callback', type='json', auth='none', methods=['POST'], csrf=False)
    def ai_callback(self):
        # Verify webhook secret
        bot = request.env['ab.ai.bot'].sudo().search([('active', '=', True)], limit=1)
        if bot and bot.webhook_secret:
            incoming_sig = request.httprequest.headers.get('X-ActiveBlue-Signature', '')
            if incoming_sig != bot.webhook_secret:
                _logger.warning('Webhook signature mismatch from %s', request.httprequest.remote_addr)
                return Response(status=401)

        # Check IP whitelist
        if bot and bot.webhook_secret:
            pass  # IP check handled at network level via ALLOWED_CALLBACK_IP env var in agent service

        data = request.httprequest.get_json(silent=True) or {}
        if not data:
            return Response(status=400)

        event_type = data.get('event', '')
        _logger.debug('AI webhook callback: event=%s', event_type)

        if event_type == 'directive_completed':
            self._handle_directive_completed(data)
        elif event_type == 'escalation':
            self._handle_escalation(data)
        elif event_type == 'sweep_findings':
            self._handle_sweep_findings(data)

        return {'ok': True}

    def _handle_directive_completed(self, data):
        try:
            request.env['ab.ai.directive'].sudo().record_directive(
                directive_id=data.get('directive_id', ''),
                user_id=int(data.get('user_id', 0)) or None,
                message=data.get('message', ''),
                reply=data.get('reply', ''),
                status='completed',
                agents=data.get('agents', []),
                escalations=data.get('escalations', []),
                actions=data.get('actions_taken', []),
                session_id=data.get('session_id'),
                duration_ms=data.get('duration_ms'),
            )
        except Exception as exc:
            _logger.error('_handle_directive_completed error: %s', exc)

    def _handle_escalation(self, data):
        try:
            request.env['ab.ai.log'].sudo().log(
                summary=data.get('message', 'AI escalation'),
                level='warning',
                agent=data.get('agent'),
                directive_id=data.get('directive_id'),
                details=json.dumps(data),
            )
        except Exception as exc:
            _logger.error('_handle_escalation error: %s', exc)

    def _handle_sweep_findings(self, data):
        findings = data.get('findings', [])
        agent = data.get('agent', 'unknown')
        try:
            for finding in findings:
                request.env['ab.ai.log'].sudo().log(
                    summary=f"Sweep finding [{agent}]: {finding.get('type', '')}",
                    level='info',
                    agent=agent,
                    details=json.dumps(finding),
                )
        except Exception as exc:
            _logger.error('_handle_sweep_findings error: %s', exc)