variable "name" {
  description = "Name of the Proxy provider"
  type        = string
}

variable "app_name" {
  description = "Name of the application"
  type        = string
}

variable "app_slug" {
  description = "Slug of the application"
  type        = string
}

variable "app_group" {
  description = "Group for the application"
  type        = string
  default     = ""
}

variable "external_host" {
  description = "External hostname for the proxy"
  type        = string
}

variable "internal_host" {
  description = "Internal hostname for the proxy"
  type        = string
  default     = ""
}

variable "internal_host_ssl_validation" {
  description = "Enable SSL validation for internal host"
  type        = bool
  default     = true
}

variable "authorization_flow" {
  description = "Authorization flow UUID"
  type        = string
}

variable "invalidation_flow" {
  description = "Invalidation flow UUID"
  type        = string
}

variable "mode" {
  description = "Proxy mode (proxy, forward_single, forward_domain)"
  type        = string
  default     = "proxy"
  
  validation {
    condition     = contains(["proxy", "forward_single", "forward_domain"], var.mode)
    error_message = "Mode must be one of: proxy, forward_single, forward_domain."
  }
}


variable "cookie_domain" {
  description = "Cookie domain for the proxy"
  type        = string
  default     = ""
}


variable "skip_path_regex" {
  description = "Regular expression for paths to skip authentication"
  type        = string
  default     = ""
}

variable "intercept_header_auth" {
  description = "Intercept header authentication"
  type        = bool
  default     = false
}

variable "basic_auth_enabled" {
  description = "Enable basic authentication"
  type        = bool
  default     = false
}

variable "basic_auth_password_attribute" {
  description = "Attribute for basic auth password"
  type        = string
  default     = ""
}

variable "basic_auth_user_attribute" {
  description = "Attribute for basic auth username"
  type        = string
  default     = ""
}

variable "property_mappings" {
  description = "List of property mapping UUIDs"
  type        = list(string)
  default     = []
}

variable "policy_engine_mode" {
  description = "Policy engine mode"
  type        = string
  default     = "all"
  
  validation {
    condition     = contains(["all", "any"], var.policy_engine_mode)
    error_message = "Policy engine mode must be either 'all' or 'any'."
  }
}

variable "meta_description" {
  description = "Application meta description"
  type        = string
  default     = ""
}

variable "meta_launch_url" {
  description = "Application launch URL"
  type        = string
  default     = ""
}

variable "meta_icon" {
  description = "Application icon URL"
  type        = string
  default     = ""
}


variable "access_policies" {
  description = "Access policies for the application"
  type = map(object({
    policy_id      = string
    order          = number
    enabled        = optional(bool, true)
    timeout        = optional(number, 30)
    negate         = optional(bool, false)
    failure_result = optional(bool, true)
  }))
  default = {}
}