package eu.eudat.security;

import java.util.ArrayList;

import javax.naming.NameAlreadyBoundException;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

import eu.eudat.dao.entities.UserInfoDao;
import eu.eudat.entities.UserInfo;
import eu.eudat.exceptions.NonValidTokenException;
import eu.eudat.security.validators.GoogleTokenValidator;
import eu.eudat.security.validators.NativeTokenValidator;
import eu.eudat.security.validators.TokenValidator;

@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

	
	@Autowired private UserInfoDao userInfoDao;
	
	@Autowired private GoogleTokenValidator googleTokenValidator;
	@Autowired private NativeTokenValidator nativeTokenValidator;
	
	
	@Override
	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
		
		if (authentication != null) {
			
			String token = (String)authentication.getCredentials();
			TokenValidator tokenValidator = null;
			
			if(TokenAuthenticationFilter.HEADER_GOOGLE_TOKEN_FIELD.equals(authentication.getPrincipal())) 
				tokenValidator = googleTokenValidator;
			else if(TokenAuthenticationFilter.HEADER_NATIVE_TOKEN_FIELD.equals(authentication.getPrincipal()))
				tokenValidator = nativeTokenValidator;
			else 
				throw new AuthenticationServiceException("The appropriate http headers have not been set. Please check!");
			
			UserInfo userInfo;
			try {
				userInfo = tokenValidator.validateToken(token);
			} catch (NonValidTokenException e) {
				System.out.println("Could not validate a user by his token! Reason: "+e.getMessage());
				throw new AuthenticationServiceException("Token validation failed - Not a valid token");
			}
			
			// if reached this point, authentication is ok, so return just an instance where the principal is the UserInfo ID 
			//(to have it at the webservices calls - it's ESSENTIAL) while the password can be whatever...
			return new UsernamePasswordAuthenticationToken(userInfo.getId(), authentication.getCredentials(), new ArrayList<>());
			
		}
		else
			throw new AuthenticationServiceException("Authentication failed");
		
	}

	@Override
	public boolean supports(Class<?> authentication) {
		return authentication.equals(UsernamePasswordAuthenticationToken.class);
	}

}