/**
 * SESSION MAPPER
 * Logic: Data transformation (JWT -> Clean Profile).
 * Purpose: Prevents leaking sensitive JWT metadata to the UI layer.
 */

import { UserProfile, RawKeycloakToken } from '../../types/auth.types';

export const mapKeycloakProfile = (token: RawKeycloakToken): UserProfile => {
  return {
    id: token.sub,
    name: token.name || 'Guest User',
    email: token.email,
    username: token.preferred_username,
    // Extracting roles for domain-specific logic (e.g., Editor, Admin)
    roles: token.realm_access?.roles || [],
    avatar: token.picture || null,
    // Custom logic to check for premium status
    isPremium: token.realm_access?.roles.includes('premium_subscriber') ?? false,
  };
};