import os
import json
import datetime
import azure.functions as func
from azure.storage.blob import BlobServiceClient, generate_blob_sas, BlobSasPermissions
import logging
# Get environment variables
from configuration import Configuration
config = Configuration()

STORAGE_ACCOUNT_NAME = config.get_value("STORAGE_ACCOUNT_NAME")
USE_SAS_TOKEN = config.get_value("USE_SAS_TOKEN", "true") == "true"
HOURS = int(config.get_value("SAS_TOKEN_EXPIRY_HOURS", "1"))

# Create BlobServiceClient using Managed Identity
blob_service_client = BlobServiceClient(
    f"https://{STORAGE_ACCOUNT_NAME}.blob.core.windows.net", credential=config.credential
)

def generate_sas_token(container_name, blob_name):
    delegation_key = blob_service_client.get_user_delegation_key(
        key_start_time=datetime.datetime.utcnow(),
        key_expiry_time=datetime.datetime.utcnow() + datetime.timedelta(hours=HOURS)
    )
    
    """Generate a SAS token with read & write access for a blob."""
    sas_token = generate_blob_sas(
        account_name=STORAGE_ACCOUNT_NAME,
        container_name=container_name,
        blob_name=blob_name,
        user_delegation_key=delegation_key,  # Managed Identity handles authentication
        permission=BlobSasPermissions(read=True, write=True),  # Read & Write
        expiry=datetime.datetime.utcnow() + datetime.timedelta(hours=HOURS)  # 1-hour expiry
    )

    blob_client = blob_service_client.get_blob_client(container_name, blob_name)

    if USE_SAS_TOKEN == "true" or USE_SAS_TOKEN == True:
        # Generate a SAS URL for the blob
        return f"{blob_client.url}?{sas_token}"
    else:
        # Generate a URL without SAS token for Managed Identity access
        return blob_client.url

def main(req: func.HttpRequest) -> func.HttpResponse:
    logging.info("Python HTTP trigger function processed a request for getBlobsByContainer.")
    try:
        container_names = ["bronze", "silver", "gold"]
        blobs_by_container = {}

        for container in container_names:
            container_client = blob_service_client.get_container_client(container)
            blobs_with_sas = [
                {
                    "name": blob.name,
                    "url": generate_sas_token(container, blob.name)  # Get SAS URL for each blob
                }
                for blob in container_client.list_blobs()
            ]
            blobs_by_container[container] = blobs_with_sas

        return func.HttpResponse(json.dumps(blobs_by_container), mimetype="application/json")

    except Exception as e:
        return func.HttpResponse(f"Error: {str(e)}", status_code=500)