defmodule Boruta.BasicAuth do
  @moduledoc """
  HTTP BasicAuth utilities

  Provide utilities to decode Basic authorization header as stated in [RFC 7617 - The 'Basic' HTTP Authentication Scheme](https://tools.ietf.org/html/rfc7617)
  """

  @doc """
  Decode given authorization header and returns an array containing username and password.

  ## Examples
      iex> Boruta.BasicAuth.decode("Basic dXNlcm5hbWU6cGFzc3dvcmQ=")
      {:ok, ["username", "password"]}

      iex> Boruta.BasicAuth.decode("bad_authorization_header")
      {:error, "`bad_authorization_header` is not a valid Basic authorization header."}

  """
  @spec decode(authorization_header :: String.t()) :: {:ok, list(String.t())} | {:error, String.t()}
  def decode("Basic " <> encoded) do
    with {:ok, decoded} <- Base.decode64(encoded),
      [username, password] <- String.split(decoded, ":") do
      {:ok, [username, password]}
    else
      _ -> {:error, "Given credentials are invalid."}
    end
  end
  def decode(string) when is_binary(string), do: {:error, "`#{string}` is not a valid Basic authorization header."}
end