from flask import Flask, request, redirect, jsonify
from urllib.parse import urlparse, parse_qs

app = Flask(__name__)

# Endpoint to handle transparent redirection
@app.route('/redirect', methods=['GET'])
def handle_redirect():
    # Extract the transparent redirection URL from the query parameters
    redirection_url = request.args.get('redirection_url')

    # Check if redirection_url parameter is present
    if not redirection_url:
        return jsonify({"message": "Redirection URL not provided"}), 400

    # Perform server-side validation on the redirection URL
    parsed_url = urlparse(redirection_url)

    # Ensure the redirection_url is in a proper format (validate the scheme and netloc)
    if not parsed_url.scheme or not parsed_url.netloc:
        return jsonify({"message": "Invalid redirection URL"}), 400

    # Optional: Add any additional validation such as domain whitelisting
    # Example: Block unwanted domains
    if "invalid-domain.com" in redirection_url:
        return jsonify({"message": "Redirection to invalid domain is not allowed"}), 403

    # Return a 302 response code with the redirection
    return redirect(redirection_url, code=302)

# Privacy Policy for transparency
@app.route('/privacy', methods=['GET'])
def privacy_policy():
    policy = {
        "title": "Click Tracking Transparency Policy",
        "content": "All clicks are redirected using transparent URL parameters to ensure compliance with privacy and tracking standards."
    }
    return jsonify(policy)

if __name__ == '__main__':
    app.run(debug=True)