// --- Backend API Logic ---

/**
 * Handles CORS preflight requests.
 * @returns {Response}
 */
function handleOptions() {
  return new Response(null, {
    headers: getCorsHeaders(),
  });
}

/**
 * Creates a JSON response with appropriate headers.
 * @param {object} body - The response body.
 * @param {number} status - The HTTP status code.
 * @returns {Response}
 */
function createJsonResponse(body, status) {
  return new Response(JSON.stringify(body, null, 2), {
    status: status,
    headers: {
      'Content-Type': 'application/json',
      ...getCorsHeaders(),
    },
  });
}

/**
 * Gets the required CORS headers.
 * @returns {object}
 */
function getCorsHeaders() {
    return {
      'Access-Control-Allow-Origin': '*',
      'Access-Control-Allow-Methods': 'POST, OPTIONS',
      'Access-Control-Allow-Headers': 'Content-Type',
    };
}


/**
 * Handles the token acquisition request from the frontend.
 * It exchanges the authorization code for an access token and refresh token.
 * @param {Request} request - The incoming request.
 * @returns {Promise<Response>}
 */
async function handleTokenRequest(request) {
  const { code, redirect_uri, cloud_env, client_id, client_secret } = await request.json();

  if (!code || !redirect_uri || !cloud_env || !client_id || !client_secret) {
    return createJsonResponse({ error: '请求体中缺少必要参数。' }, 400);
  }

  const tokenUrl = cloud_env === 'china'
    ? 'https://login.chinacloudapi.cn/common/oauth2/v2.0/token'
    : 'https://login.microsoftonline.com/common/oauth2/v2.0/token';

  const body = new URLSearchParams({
    client_id: client_id,
    client_secret: client_secret,
    code: code,
    redirect_uri: redirect_uri,
    grant_type: 'authorization_code',
    scope: 'offline_access Files.ReadWrite.All Sites.Read.All',
  });

  try {
    const tokenResponse = await fetch(tokenUrl, {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: body,
    });

    const tokenData = await tokenResponse.json();

    if (!tokenResponse.ok) {
      return createJsonResponse(tokenData, tokenResponse.status);
    }

    return createJsonResponse(tokenData, 200);
  } catch (error) {
    return createJsonResponse({ error: '从微软获取令牌失败。', details: error.message }, 500);
  }
}

/**
 * Handles the SharePoint Site ID request from the frontend.
 * It uses the provided access token to query the Microsoft Graph API.
 * @param {Request} request - The incoming request.
 * @returns {Promise<Response>}
 */
async function handleSiteIdRequest(request) {
    const { accessToken, cloudEnv, hostname, sitePath } = await request.json();

    if (!accessToken || !cloudEnv || !hostname) {
        return createJsonResponse({ error: '查询 Site ID 的请求体中缺少必要参数。' }, 400);
    }
    
    const graphEndpoint = cloudEnv === 'china'
        ? 'https://microsoftgraph.chinacloudapi.cn'
        : 'https://graph.microsoft.com';

    // Construct the URL for the Graph API call
    const relativePath = sitePath && sitePath !== '/' ? `:${sitePath}` : '';
    const siteUrl = `${graphEndpoint}/v1.0/sites/${hostname}${relativePath}`;

    try {
        const siteResponse = await fetch(siteUrl, {
            method: 'GET',
            headers: {
                'Authorization': `Bearer ${accessToken}`,
            },
        });

        const siteData = await siteResponse.json();

        if (!siteResponse.ok) {
            return createJsonResponse(siteData, siteResponse.status);
        }

        return createJsonResponse(siteData, 200);
    } catch (error) {
         return createJsonResponse({ error: '从微软 Graph 获取 Site ID 失败。', details: error.message }, 500);
    }
}


// --- Frontend HTML & JS ---
/**
 * Generates the full HTML content for the tool's UI.
 * @returns {string} - The HTML content as a string.
 */
function getHtmlContent() {
  return `
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>一体化 OneDrive & SharePoint 工具</title>
    <script src="https://cdn.tailwindcss.com"></script>
    <link rel="preconnect" href="https://fonts.googleapis.com">
    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
    <style>
        body { font-family: 'Inter', 'Noto Sans SC', sans-serif; }
        .break-all { word-break: break-all; }
        .copy-btn {
            position: absolute;
            top: 50%;
            right: 0.5rem;
            transform: translateY(-50%);
            padding: 0.25rem 0.5rem;
            font-size: 0.75rem;
            border-radius: 0.375rem;
            background-color: #4B5563; /* bg-gray-600 */
            color: white;
            cursor: pointer;
            border: none;
            opacity: 0.6;
            transition: opacity 0.2s;
        }
        .copy-btn:hover { opacity: 1; }
        .token-wrapper { position: relative; }
        .result-wrapper { position: relative; }
    </style>
</head>
<body class="bg-gray-100 dark:bg-gray-900 text-gray-800 dark:text-gray-200">
    <div class="container mx-auto p-4 md:p-8 max-w-4xl">
        <header class="text-center mb-8">
            <h1 class="text-3xl md:text-4xl font-bold text-gray-900 dark:text-white">一体化 OneDrive & SharePoint 工具</h1>
            <p class="mt-2 text-gray-600 dark:text-gray-400">一键获取刷新令牌和 SharePoint Site ID</p>
        </header>
        
        <div class="bg-red-100 dark:bg-red-900/30 border-l-4 border-red-500 text-red-700 dark:text-red-300 p-4 rounded-md mb-8" role="alert">
            <p class="font-bold">安全警告</p>
            <p>在此页面填写客户端密码 (Client Secret) 存在一定风险。请仅在您自己的电脑和信任的网络环境下使用此工具。</p>
        </div>

        <div class="bg-white dark:bg-gray-800 rounded-lg shadow-md p-6 mb-8">
            <h2 class="text-2xl font-semibold mb-4 border-b pb-2 dark:border-gray-600">步骤 1: 应用配置 & 获取令牌</h2>
            <div class="grid grid-cols-1 gap-6">
                <div>
                    <label for="clientId" class="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-1">应用 ID (Client ID)</label>
                    <input type="text" id="clientId" placeholder="您的Azure应用ID" class="w-full px-3 py-2 bg-gray-50 dark:bg-gray-700 border border-gray-300 dark:border-gray-600 rounded-md shadow-sm focus:outline-none focus:ring-2 focus:ring-blue-500">
                </div>
                <div>
                    <label for="clientSecret" class="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-1">客户端密码 (Client Secret)</label>
                    <input type="password" id="clientSecret" placeholder="您的Azure应用客户端密码" class="w-full px-3 py-2 bg-gray-50 dark:bg-gray-700 border border-gray-300 dark:border-gray-600 rounded-md shadow-sm focus:outline-none focus:ring-2 focus:ring-blue-500">
                </div>
                 <div>
                    <label for="redirectUri" class="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-1">重定向 URI (Redirect URI)</label>
                    <div class="relative">
                        <input type="text" id="redirectUri" readonly class="w-full pl-3 pr-16 py-2 bg-gray-200 dark:bg-gray-600 border border-gray-300 dark:border-gray-500 rounded-md shadow-sm">
                        <button id="copyRedirectUriBtn" class="copy-btn">复制</button>
                    </div>
                    <p class="mt-1 text-xs text-gray-500 dark:text-gray-400">将此URL复制到您Azure应用的Web平台重定向URI中。</p>
                </div>
                <div>
                    <label for="cloudEnv" class="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-1">云环境</label>
                    <select id="cloudEnv" class="w-full px-3 py-2 bg-gray-50 dark:bg-gray-700 border border-gray-300 dark:border-gray-600 rounded-md shadow-sm focus:outline-none focus:ring-2 focus:ring-blue-500">
                        <option value="global">Microsoft 全球云 (Global)</option>
                        <option value="china">由世纪互联运营的 Microsoft Azure (21Vianet)</option>
                    </select>
                </div>
            </div>
             <div class="mt-6 text-center">
                 <button id="getAuthCodeBtn" class="px-8 py-3 bg-blue-600 text-white font-semibold rounded-md shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500 dark:focus:ring-offset-gray-900 transition-colors text-lg">
                    开始认证
                </button>
             </div>
        </div>

        <div id="result-container" class="mt-8 bg-white dark:bg-gray-800 rounded-lg shadow-md p-6 hidden">
            <h2 class="text-2xl font-semibold mb-4 border-b pb-2 dark:border-gray-600">令牌结果</h2>
            <div id="spinner" class="hidden flex justify-center items-center my-4">
                <svg class="animate-spin -ml-1 mr-3 h-8 w-8 text-blue-500" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24"><circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle><path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path></svg>
                <span class="text-lg">正在从后端获取令牌...</span>
            </div>
            <div id="result-content"></div>
        </div>

        <div id="site-id-finder" class="mt-8 bg-white dark:bg-gray-800 rounded-lg shadow-md p-6 hidden">
            <h2 class="text-2xl font-semibold mb-4 border-b pb-2 dark:border-gray-600">步骤 2: 获取 SharePoint Site ID (可选)</h2>
            <p class="text-sm text-gray-500 dark:text-gray-400 mb-4">使用上方获取的访问令牌来查询 Site ID。</p>
            <div class="grid grid-cols-1 gap-6">
                <div>
                    <label for="sharepointUrl" class="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-1">SharePoint 网站 URL</label>
                    <input type="url" id="sharepointUrl" placeholder="https://contoso.sharepoint.com/sites/MyTeamSite" class="w-full px-3 py-2 bg-gray-50 dark:bg-gray-700 border border-gray-300 dark:border-gray-600 rounded-md shadow-sm focus:outline-none focus:ring-2 focus:ring-blue-500">
                </div>
            </div>
            <div class="text-center mt-6">
                <button id="getSiteIdBtn" class="px-6 py-2 bg-green-600 text-white font-semibold rounded-md shadow-sm hover:bg-green-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-green-500 dark:focus:ring-offset-gray-900 transition-colors">获取 Site ID</button>
            </div>
            <div id="site-id-result-container" class="mt-6 hidden">
                <div id="site-id-spinner" class="hidden flex justify-center items-center my-4">
                     <svg class="animate-spin -ml-1 mr-3 h-6 w-6 text-green-500" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24"><circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle><path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path></svg>
                    <span class="text-lg">正在查询 Site ID...</span>
                </div>
                <div id="site-id-result-content"></div>
            </div>
        </div>

    </div>

    <script>
        // --- DOM Elements ---
        const clientIdInput = document.getElementById('clientId');
        const clientSecretInput = document.getElementById('clientSecret');
        const cloudEnvSelect = document.getElementById('cloudEnv');
        const redirectUriInput = document.getElementById('redirectUri');
        const copyRedirectUriBtn = document.getElementById('copyRedirectUriBtn');
        const getAuthCodeBtn = document.getElementById('getAuthCodeBtn');
        const resultContainer = document.getElementById('result-container');
        const resultContent = document.getElementById('result-content');
        const spinner = document.getElementById('spinner');

        const siteIdFinder = document.getElementById('site-id-finder');
        const sharepointUrlInput = document.getElementById('sharepointUrl');
        const getSiteIdBtn = document.getElementById('getSiteIdBtn');
        const siteIdResultContainer = document.getElementById('site-id-result-container');
        const siteIdSpinner = document.getElementById('site-id-spinner');
        const siteIdResultContent = document.getElementById('site-id-result-content');

        // --- App State ---
        let appState = {
            accessToken: null,
            cloudEnv: null
        };
        
        const authEndpoints = {
            global: 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize',
            china: 'https://login.chinacloudapi.cn/common/oauth2/v2.0/authorize',
        };

        // --- Utility Functions ---
        function copyToClipboard(text, button) {
            const textarea = document.createElement('textarea');
            textarea.value = text;
            document.body.appendChild(textarea);
            textarea.select();
            document.execCommand('copy');
            document.body.removeChild(textarea);
            const originalText = button.textContent;
            button.textContent = '已复制!';
            setTimeout(() => { button.textContent = originalText; }, 2000);
        }

        function showResult(title, content, isError = false) {
            spinner.classList.add('hidden');
            resultContainer.classList.remove('hidden');
            const titleColor = isError ? 'text-red-500 dark:text-red-400' : 'text-green-600 dark:text-green-400';
            let formattedContent = \`\${content}\`;
            if (isError) {
                try {
                    const errorJson = JSON.parse(content);
                    formattedContent = \`<pre class="p-4 bg-gray-100 dark:bg-gray-900 rounded-md break-all font-mono text-sm">\${JSON.stringify(errorJson, null, 2)}</pre>\`;
                } catch(e) {
                     formattedContent = \`<div class="p-4 bg-gray-100 dark:bg-gray-900 rounded-md break-all font-mono text-sm">\${content}</div>\`;
                }
            }
            resultContent.innerHTML = \`<h4 class="font-bold text-lg mb-2 \${titleColor}">\${title}</h4>\${formattedContent}\`;
        }

        function showSiteIdResult(title, content, isError = false) {
            siteIdSpinner.classList.add('hidden');
            siteIdResultContainer.classList.remove('hidden');
            const titleColor = isError ? 'text-red-500 dark:text-red-400' : 'text-green-600 dark:text-green-400';
             let formattedContent = content;
            if (isError) {
                 try {
                    const errorJson = JSON.parse(content);
                    formattedContent = \`<pre class="p-4 bg-gray-100 dark:bg-gray-900 rounded-md break-all font-mono text-sm">\${JSON.stringify(errorJson, null, 2)}</pre>\`;
                } catch(e) {
                     formattedContent = \`<div class="p-4 bg-gray-100 dark:bg-gray-900 rounded-md break-all font-mono text-sm">\${content}</div>\`;
                }
            }
            siteIdResultContent.innerHTML = \`<h4 class="font-bold text-lg mb-2 \${titleColor}">\${title}</h4>\${formattedContent}\`;
        }

        // --- Core Logic ---
        function handleStartAuth() {
            const clientId = clientIdInput.value;
            const clientSecret = clientSecretInput.value;

            if (!clientId || !clientSecret) {
                alert('请输入应用 ID 和客户端密码');
                return;
            }

            localStorage.setItem('ms_graph_tool_config', JSON.stringify({
                clientId: clientId,
                clientSecret: clientSecret,
                cloudEnv: cloudEnvSelect.value,
                sharepointUrl: sharepointUrlInput.value
            }));

            const scope = 'offline_access Files.ReadWrite.All Sites.Read.All';
            const redirectUri = window.location.origin + window.location.pathname;
            const authUrl = \`\${authEndpoints[cloudEnvSelect.value]}?client_id=\${clientId}&scope=\${scope}&response_type=code&redirect_uri=\${redirectUri}\`;
            window.location.href = authUrl;
        }

        async function handleGetToken(code) {
              const config = JSON.parse(localStorage.getItem('ms_graph_tool_config') || '{}');
              if(!config.clientId || !config.clientSecret) {
                  showResult('错误', '找不到本地存储的ID和密钥，请重新填写。', true);
                  return;
              }
              spinner.classList.remove('hidden');
              resultContainer.classList.remove('hidden');
              resultContent.innerHTML = '';
              
              try {
                  const response = await fetch('./api/token', {
                      method: 'POST',
                      headers: {'Content-Type': 'application/json'},
                      body: JSON.stringify({
                          code: code,
                          redirect_uri: window.location.origin + window.location.pathname,
                          cloud_env: config.cloudEnv,
                          client_id: config.clientId,
                          client_secret: config.clientSecret
                      })
                  });
                  
                  const data = await response.json();

                  if (!response.ok) {
                      throw new Error(JSON.stringify(data));
                  }
                  
                  appState.accessToken = data.access_token;
                  appState.cloudEnv = config.cloudEnv;

                  const resultHtml = \`
                      <div class="space-y-4">
                          <div class="result-wrapper"><p class="font-semibold text-gray-700 dark:text-gray-300">刷新令牌 (Refresh Token):</p><div class="relative"><p class="text-sm p-3 bg-gray-100 dark:bg-gray-700 rounded break-all" id="refreshTokenText">\${data.refresh_token}</p><button class="copy-btn" onclick="copyToClipboard(document.getElementById('refreshTokenText').textContent, this)">复制</button></div></div>
                          <div class="result-wrapper"><p class="font-semibold text-gray-700 dark:text-gray-300">访问令牌 (Access Token):</p><div class="relative"><p class="text-sm p-3 bg-gray-100 dark:bg-gray-700 rounded break-all" id="accessTokenText">\${data.access_token}</p><button class="copy-btn" onclick="copyToClipboard(document.getElementById('accessTokenText').textContent, this)">复制</button></div></div>
                      </div>\`;
                  showResult('令牌获取成功！', resultHtml);

                  siteIdFinder.classList.remove('hidden');

              } catch (error) {
                   showResult('获取令牌失败', error.message, true);
              }
        }
        
        async function handleGetSiteId() {
            const fullUrl = sharepointUrlInput.value;
            if (!fullUrl) {
                alert('请输入 SharePoint 网站 URL');
                return;
            }
            if (!appState.accessToken) {
                 alert('访问令牌不可用。请先完成步骤1。');
                 return;
            }

            let hostname, sitePath;
            try {
                const urlObject = new URL(fullUrl);
                hostname = urlObject.hostname;
                sitePath = urlObject.pathname;
            } catch (e) {
                alert('输入的 SharePoint URL 格式无效。');
                return;
            }
            
            const config = JSON.parse(localStorage.getItem('ms_graph_tool_config') || '{}');
            config.sharepointUrl = fullUrl;
            localStorage.setItem('ms_graph_tool_config', JSON.stringify(config));

            siteIdSpinner.classList.remove('hidden');
            siteIdResultContainer.classList.remove('hidden');
            siteIdResultContent.innerHTML = '';

            try {
                const response = await fetch('./api/site-id', {
                    method: 'POST',
                    headers: {'Content-Type': 'application/json'},
                    body: JSON.stringify({
                        accessToken: appState.accessToken,
                        cloudEnv: appState.cloudEnv,
                        hostname: hostname,
                        sitePath: sitePath
                    })
                });

                const data = await response.json();

                if (!response.ok) {
                    throw new Error(JSON.stringify(data));
                }
                
                const siteId = data.id;
                const resultHtml = \`
                    <div class="result-wrapper">
                      <p class="font-semibold text-gray-700 dark:text-gray-300">网站信息:</p>
                      <div class="relative text-sm p-3 bg-gray-100 dark:bg-gray-700 rounded break-all" id="siteIdText">
                        <p><strong>ID:</strong> \${siteId}</p>
                        <p><strong>名称:</strong> \${data.displayName}</p>
                        <p><strong>URL:</strong> <a href="\${data.webUrl}" target="_blank" class="text-blue-500 hover:underline">\${data.webUrl}</a></p>
                        <button class="copy-btn" style="top: 1rem; transform: none;" onclick="copyToClipboard('\${siteId}', this)">复制ID</button>
                      </div>
                    </div>
                \`;

                showSiteIdResult('Site ID 获取成功!', resultHtml);

            } catch (error) {
                showSiteIdResult('获取 Site ID 失败', error.message, true);
            }
        }

        // --- Event Listeners & Page Load ---
        window.onload = () => {
            const savedConfig = JSON.parse(localStorage.getItem('ms_graph_tool_config') || '{}');
            if (savedConfig.clientId) clientIdInput.value = savedConfig.clientId;
            if (savedConfig.clientSecret) clientSecretInput.value = savedConfig.clientSecret;
            if (savedConfig.cloudEnv) cloudEnvSelect.value = savedConfig.cloudEnv;
            if (savedConfig.sharepointUrl) sharepointUrlInput.value = savedConfig.sharepointUrl;

            const redirectUri = window.location.origin + window.location.pathname;
            redirectUriInput.value = redirectUri;

            const urlParams = new URLSearchParams(window.location.search);
            const code = urlParams.get('code');

            if (code) {
                handleGetToken(code);
                window.history.replaceState({}, document.title, window.location.pathname);
            }
            
            getAuthCodeBtn.addEventListener('click', handleStartAuth);
            getSiteIdBtn.addEventListener('click', handleGetSiteId);
            copyRedirectUriBtn.addEventListener('click', (e) => {
                e.preventDefault();
                copyToClipboard(redirectUriInput.value, e.target);
            });
        };
    </script>
</body>
</html>
  `;
}

// --- Worker Main Logic & Router ---
export default {
  async fetch(request) {
    const url = new URL(request.url);

    // Handle API routes
    if (url.pathname.startsWith('/api/')) {
        if (request.method === 'OPTIONS') {
            return handleOptions();
        }
        if (url.pathname === '/api/token' && request.method === 'POST') {
          return handleTokenRequest(request);
        }
        if (url.pathname === '/api/site-id' && request.method === 'POST') {
            return handleSiteIdRequest(request);
        }
    }

    // Serve HTML for the root path
    if (url.pathname === '/' && request.method === 'GET') {
      return new Response(getHtmlContent(), {
        headers: { 'Content-Type': 'text/html;charset=utf-8' },
      });
    }
    
    return new Response('未找到', { status: 404 });
  },
};