import * as crypto from 'crypto';

export class KalshiAuth {
    private apiKey: string;
    private privateKeyPem: string;

    constructor(apiKey: string, privateKeyPem: string) {
        this.apiKey = apiKey;
        this.privateKeyPem = privateKeyPem;
    }

    private signPssText(text: string): string {
        const sign = crypto.createSign('RSA-SHA256');
        sign.update(text);
        sign.end();

        const signature = sign.sign({
            key: this.privateKeyPem,
            padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
            saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST,
        });

        return signature.toString('base64');
    }

    public generateAuthHeaders(method: string, path: string): Record<string, string> {
        const currentTimeMilliseconds = Date.now();
        const timestampStr = currentTimeMilliseconds.toString();
        const msgString = timestampStr + method + path;
        const sig = this.signPssText(msgString);

        return {
            'KALSHI-ACCESS-KEY': this.apiKey,
            'KALSHI-ACCESS-SIGNATURE': sig,
            'KALSHI-ACCESS-TIMESTAMP': timestampStr
        };
    }
}