package mail

import (
	"crypto/tls"
	"fmt"

	"github.com/emersion/go-sasl"
	"github.com/emersion/go-smtp"
)

// CheckIMAP verifies that the IMAP endpoint connects and the credentials
// authenticate, then logs out. It transfers no mail. A nil return means the
// account can read.
func CheckIMAP(cfg IMAPConfig) error {
	c, err := Dial(cfg) // Dial connects and logs in
	if err != nil {
		return err
	}
	return c.Logout()
}

// CheckSMTP verifies that the SMTP endpoint connects and the credentials
// authenticate (SASL PLAIN), then quits. It sends no mail. A nil return means
// the account can send.
func CheckSMTP(cfg SMTPConfig) error {
	addr := fmt.Sprintf("%s:%d", cfg.Host, cfg.Port)
	tlsConf := &tls.Config{ServerName: cfg.Host}

	var (
		c   *smtp.Client
		err error
	)
	switch cfg.Security {
	case "tls":
		c, err = smtp.DialTLS(addr, tlsConf)
	case "starttls":
		c, err = smtp.DialStartTLS(addr, tlsConf)
	default:
		return fmt.Errorf("unknown smtp security %q", cfg.Security)
	}
	if err != nil {
		return fmt.Errorf("smtp connect: %w", err)
	}
	defer c.Close()

	if err := c.Auth(sasl.NewPlainClient("", cfg.Username, cfg.Password)); err != nil {
		return fmt.Errorf("smtp auth: %w", err)
	}
	return c.Quit()
}