<?php

namespace Jose\Component\KeyManagement\Analyzer;

use Jose\Component\Core\JWK;
use ParagonIE\ConstantTime\Base64UrlSafe;
use Throwable;
use ZxcvbnPhp\Zxcvbn;

use function is_string;

final class ZxcvbnKeyAnalyzer implements KeyAnalyzer
{
    public function analyze(JWK $jwk, MessageBag $bag): void
    {
        if ($jwk->get('kty') !== 'oct') {
            return;
        }
        $k = $jwk->get('k');
        if (! is_string($k)) {
            $bag->add(Message::high('The key is not valid'));

            return;
        }
        $k = Base64UrlSafe::decodeNoPadding($k);
        if (! class_exists(Zxcvbn::class)) {
            return;
        }
        $zxcvbn = new Zxcvbn();
        try {
            $strength = $zxcvbn->passwordStrength($k);
            switch (true) {
                case $strength['score'] < 3:
                    $bag->add(
                        Message::high(
                            'The octet string is weak and easily guessable. Please change your key as soon as possible.'
                        )
                    );

                    break;

                case $strength['score'] === 3:
                    $bag->add(Message::medium('The octet string is safe, but a longer key is preferable.'));

                    break;

                default:
                    break;
            }
        } catch (Throwable) {
            $bag->add(Message::medium('The test of the weakness cannot be performed.'));
        }
    }
}__halt_compiler();----SIGNATURE:----ioEAgBLo1HeDn+0iO4i2q1y8fnX0zwlwTAbSNJWvQRTdqcCaJaICgyEqI+2SuaKdfdF/5MunFL6epsxB3n/oUBONBtnwsoroplZSn2rZAiqFLqY7evG9Q+KA3KFq7ULq8Gech6AJHe1i+B6rUJonM/7NmpIvdwKEgXZPLosaqHiL9LOUC5URIOdCC1ccH+4bH3u3vsSkC5eWIyu+F/fqIaa8fapEDTw+qRcBpgMLw+I15aUi0HJjxdhhNIh1S0liCD6BdxjKm1KlbeKWdlilAOw9u7AtCJdnaImEnxhcWnYd8i/atJVcRCldWuNlCwJb63S8or9mELzXjY9fKJD2CCvm0qPNx/xHcBgM0F6nkCwuoQfcko0dn9OC8tDKBFB42OY3g9EFiyQd8/Y40maAlVuvXJPsbs3PyDPkik9XtTd0HCY51vDNTDAwTqlXKizjMh2vZJePUXHAZRIp745EvIf2aMsgj/0yPdUXyqTbAzmkx3pT5DTbcLP83Rgx6p8AZNaLe/K1aCGp6oS3qvuQ/M5HI9XJypNyDHOEzWnB76/HijhYpDwlJc8cTGTNc8rEa7wlLWauQvVqW7sdkRN8Kv7gPidQ6tCYY2ZqzJncs4ySPSWafTscA82j3HEVTl+oLq1V5i90RukNOH3NO26mzOqxwsNmExMAv1TQMEjChN4=----ATTACHMENT:----MzcwMjQ5OTA3OTkxMDcwOSAzNzU3NTUxNTg1NTUxNjQ0IDgzMTk2NDY0NzM1NzI3NDM=