nomyo4J/src/main/java/ai/nomyo/SecureChatCompletion.java

package ai.nomyo;

import ai.nomyo.errors.*;
import lombok.Getter;

import java.util.List;
import java.util.Map;

/**
 * High-level OpenAI-compatible entrypoint with automatic hybrid encryption (AES-256-GCM + RSA-4096).
 */
@Getter
public class SecureChatCompletion {

    private final SecureCompletionClient client;
    private final String apiKey;
    private final String keyDir;

    /**
     * Default settings: {@code https://api.nomyo.ai}, HTTPS-only, secure memory, ephemeral keys, 2 retries.
     */
    public SecureChatCompletion() {
        this(Constants.DEFAULT_BASE_URL, false, null, true, null, Constants.DEFAULT_MAX_RETRIES);
    }

    /**
     * @param baseUrl      NOMYO Router base URL (HTTPS enforced unless {@code allowHttp})
     * @param allowHttp    permit {@code http://} URLs (development only)
     * @param apiKey       Bearer token (can also be passed per-call via {@link #create})
     * @param secureMemory enable memory locking/zeroing
     * @param keyDir       RSA key directory; {@code null} = ephemeral
     * @param maxRetries   retries on 429/500/502/503/504 + network errors (exponential backoff)
     */
    public SecureChatCompletion(String baseUrl, boolean allowHttp, String apiKey, boolean secureMemory, String keyDir, int maxRetries) {
        this.client = new SecureCompletionClient(baseUrl, allowHttp, secureMemory, maxRetries);
        this.apiKey = apiKey;
        this.keyDir = keyDir;
    }

    /**
     * Main entrypoint — same signature as {@code openai.ChatCompletion.create()}.
     * All kwargs are passed through to the OpenAI-compatible API.
     * <p>Streaming is <b>not supported</b> (server rejects with HTTP 400).
     * Security tiers: "standard", "high", "maximum".
     *
     * @param model    model identifier (required)
     * @param messages OpenAI-format message list (required)
     * @param kwargs   additional OpenAI-compatible params (temperature, maxTokens, etc.)
     * @return decrypted response map
     * @throws SecurityError           encryption/decryption failure
     * @throws APIConnectionError      network error
     * @throws InvalidRequestError     HTTP 400
     * @throws AuthenticationError     HTTP 401
     * @throws ForbiddenError          HTTP 403
     * @throws RateLimitError          HTTP 429
     * @throws ServerError             HTTP 500
     * @throws ServiceUnavailableError HTTP 503
     * @throws APIError                other errors
     */
    public Map<String, Object> create(String model, List<Map<String, Object>> messages, Map<String, Object> kwargs) {
        // Build payload from model, messages, and kwargs
        // Validate stream is false
        // Validate securityTier if provided
        // Use per-call api_key override if provided, else instance apiKey
        // Create temp client if baseUrl override provided
        // Send secure request
        // Return decrypted response map
        return null;
    }

    /**
     * Convenience variant with no additional parameters.
     */
    public Map<String, Object> create(String model, List<Map<String, Object>> messages) {
        return create(model, messages, null);
    }

    /**
     * Async alias for {@link #create(String, List, Map)}.
     */
    public Map<String, Object> acreate(String model, List<Map<String, Object>> messages, Map<String, Object> kwargs) {
        return create(model, messages, kwargs);
    }

    /**
     * Async alias for {@link #create(String, List)}.
     */
    public Map<String, Object> acreate(String model, List<Map<String, Object>> messages) {
        return create(model, messages);
    }

    /**
     * Delegates to {@link SecureCompletionClient#close()}.
     */
    public void close() {
        client.close();
    }
}