<?php
/**
 * Stripe Custom Payment API - Sans dépendance PHP
 * Utilise curl pour appeler l'API Stripe directement
 */

header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');

if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(200);
    exit;
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'Method not allowed']);
    exit;
}

// Clé secrète Stripe (à configurer)
$stripe_secret_key = getenv('STRIPE_SECRET_KEY');

// Lire données POST
$input = file_get_contents('php://input');
$data = json_decode($input, true);

// Validation
if (!$data || !isset($data['product_name']) || !isset($data['amount']) || !isset($data['currency'])) {
    http_response_code(400);
    echo json_encode(['error' => 'Missing required fields: product_name, amount, currency']);
    exit;
}

$product_name = trim($data['product_name']);
$amount = (int)$data['amount']; // Déjà en centimes
$currency = strtolower(trim($data['currency']));
$email = isset($data['email']) ? trim($data['email']) : null;

// Validation montant
if ($amount < 50) { // Minimum 0.50 EUR
    http_response_code(400);
    echo json_encode(['error' => 'Montant minimum: 0.50 ' . strtoupper($currency)]);
    exit;
}

// Validation devise
$allowed_currencies = ['eur', 'usd', 'mad'];
if (!in_array($currency, $allowed_currencies)) {
    http_response_code(400);
    echo json_encode(['error' => 'Devise non supportée']);
    exit;
}

// Préparer données pour Stripe API
$stripe_data = [
    'payment_method_types' => ['card'],
    'line_items' => [[
        'price_data' => [
            'currency' => $currency,
            'product_data' => [
                'name' => $product_name,
                'description' => 'Huawei Cloud - ' . $product_name
            ],
            'unit_amount' => $amount
        ],
        'quantity' => 1
    ]],
    'mode' => 'payment',
    'success_url' => 'https://weval-consulting.com/products/huawei-success.html?session_id={CHECKOUT_SESSION_ID}',
    'cancel_url' => 'https://weval-consulting.com/products/huawei-cloud.html',
    'metadata' => [
        'provider' => 'huawei_cloud',
        'partner' => 'weval_consulting',
        'product_name' => $product_name
    ]
];

// Ajouter email si fourni
if ($email) {
    $stripe_data['customer_email'] = $email;
}

// Appeler API Stripe via curl
try {
    $ch = curl_init('https://api.stripe.com/v1/checkout/sessions');
    
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => http_build_query(flatten_array($stripe_data)),
        CURLOPT_HTTPHEADER => [
            'Authorization: Bearer ' . $stripe_secret_key,
            'Content-Type: application/x-www-form-urlencoded'
        ],
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_TIMEOUT => 30
    ]);
    
    $response = curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $curl_error = curl_error($ch);
    
    curl_close($ch);
    
    if ($curl_error) {
        throw new Exception('Curl error: ' . $curl_error);
    }
    
    $result = json_decode($response, true);
    
    if ($http_code !== 200) {
        $error_message = isset($result['error']['message']) 
            ? $result['error']['message'] 
            : 'Stripe API error';
        
        throw new Exception($error_message);
    }
    
    // Succès
    echo json_encode([
        'sessionId' => $result['id'],
        'url' => $result['url']
    ]);
    
} catch (Exception $e) {
    http_response_code(500);
    echo json_encode([
        'error' => 'Payment error',
        'message' => $e->getMessage()
    ]);
}

/**
 * Aplatir tableau pour http_build_query avec tableaux imbriqués
 */
function flatten_array($array, $prefix = '') {
    $result = [];
    
    foreach ($array as $key => $value) {
        $new_key = $prefix === '' ? $key : $prefix . '[' . $key . ']';
        
        if (is_array($value)) {
            $result = array_merge($result, flatten_array($value, $new_key));
        } else {
            $result[$new_key] = $value;
        }
    }
    
    return $result;
}