package eu.eudat.services;

import eu.eudat.dao.entities.UserInfoDao;
import eu.eudat.dao.entities.security.UserTokenDao;
import eu.eudat.entities.Credential;
import eu.eudat.entities.UserInfo;
import eu.eudat.entities.UserRole;
import eu.eudat.entities.UserToken;
import eu.eudat.models.criteria.UserInfoCriteria;
import eu.eudat.models.login.Credentials;
import eu.eudat.models.loginprovider.LoginProviderUser;
import eu.eudat.models.security.Principal;
import eu.eudat.security.validators.TokenValidatorFactoryImpl;
import eu.eudat.types.Authorities;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import javax.xml.ws.ServiceMode;
import java.util.*;
import java.util.stream.Collectors;


@Service("authenticationService ")
public class AuthenticationService {
    private ApiContext apiContext;
    private Environment environment;

    @Autowired
    public AuthenticationService(ApiContext apiContext, Environment environment) {
        this.environment = environment;
        this.apiContext = apiContext;
    }

    public Principal Touch(UUID token) {
        UserToken tokenEntry = this.apiContext.getDatabaseRepository().getUserTokenDao().find(token);
        if (tokenEntry == null || tokenEntry.getExpiresAt().before(new Date())) return null;

        return this.Touch(tokenEntry);
    }

    public void Logout(UUID token) {
        UserToken tokenEntry = this.apiContext.getDatabaseRepository().getUserTokenDao().find(token);
        this.apiContext.getDatabaseRepository().getUserTokenDao().delete(tokenEntry);
    }

    private Principal Touch(UserToken token) {
        if (token == null || token.getExpiresAt().before(new Date())) return null;

        UserInfo user = this.apiContext.getDatabaseRepository().getUserInfoDao().find(token.getUser().getId());
        if (user == null) return null;

        Principal principal = new Principal();
        principal.setId(user.getId());
        principal.setToken(token.getToken());
        principal.setExpiresAt(token.getExpiresAt());
        principal.setName(user.getName());

        List<UserRole> userRoles = apiContext.getDatabaseRepository().getUserRoleDao().getUserRoles(user);
        for (UserRole item : userRoles) {
            if (principal.getAuthz() == null) principal.setAuthorities(new HashSet<>());
            principal.getAuthz().add(Authorities.fromInteger(item.getRole()));
        }
        return principal;
    }

    public Principal Touch(Credentials credentials) {
        Credential credential = this.apiContext.getDatabaseRepository().getCredentialDao().getLoggedInCredentials(credentials);

        if (credential == null && credentials.getUsername().equals(environment.getProperty("autouser.root.username")))
            credential = this.autoCreateUser(credentials.getUsername(), credentials.getSecret());

        if (credential == null) return null;

        UserToken userToken = new UserToken();
        userToken.setUser(credential.getUserInfo());
        userToken.setIssuedAt(new Date());
        userToken.setToken(UUID.randomUUID());
        userToken.setExpiresAt(addADay(new Date()));
        userToken = apiContext.getDatabaseRepository().getUserTokenDao().createOrUpdate(userToken);

        return this.Touch(userToken);

    }

    public Principal Touch(LoginProviderUser profile) {
        UserInfoCriteria criteria = new UserInfoCriteria();
        criteria.setEmail(profile.getEmail());
        UserInfo userInfo = apiContext.getDatabaseRepository().getUserInfoDao().asQueryable().withHint("userInfo").where((builder, root) -> builder.equal(root.get("email"), profile.getEmail())).getSingleOrDefault();

        final Credential credential = new Credential();
        credential.setId(UUID.randomUUID());
        credential.setCreationTime(new Date());
        credential.setStatus(1);
        credential.setLastUpdateTime(new Date());
        credential.setProvider((int) profile.getProvider().getValue());
        credential.setSecret(profile.getSecret());
        if (userInfo == null) {
            userInfo = new UserInfo();
            userInfo.setName(profile.getName());
            userInfo.setVerified_email(profile.getIsVerified());
            userInfo.setEmail(profile.getEmail());
            userInfo.setCreated(new Date());
            userInfo.setLastloggedin(new Date());
            userInfo.setAuthorization_level(new Short("1"));
            userInfo.setUsertype(new Short("1"));
            userInfo = apiContext.getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
            credential.setPublicValue(userInfo.getName());
            credential.setUserInfo(userInfo);
            apiContext.getDatabaseRepository().getCredentialDao().createOrUpdate(credential);

            UserRole role = new UserRole();
            role.setRole(Authorities.USER.getValue());
            role.setUserInfo(userInfo);
            apiContext.getDatabaseRepository().getUserRoleDao().createOrUpdate(role);

        } else {
            userInfo.setLastloggedin(new Date());
            Set<Credential> credentials = userInfo.getCredentials();
            if (credentials.contains(credential)) {
                Credential oldCredential = credentials.stream().filter(item -> credential.getProvider().equals(item.getProvider())).findFirst().get();
                credential.setId(oldCredential.getId());
            } else {
                credential.setUserInfo(userInfo);
                credential.setId(UUID.randomUUID());
                credential.setPublicValue(userInfo.getName());
                apiContext.getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
                userInfo.getCredentials().add(credential);
            }
            userInfo = apiContext.getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
        }

        UserToken userToken = new UserToken();
        userToken.setUser(userInfo);
        userToken.setIssuedAt(new Date());
        userToken.setToken(UUID.randomUUID());
        userToken.setExpiresAt(addADay(new Date()));
        apiContext.getDatabaseRepository().getUserTokenDao().createOrUpdate(userToken);
        return Touch(userToken.getToken());
    }

    private Date addADay(Date date) {
        Date dt = new Date();
        Calendar c = Calendar.getInstance();
        c.setTime(dt);
        c.add(Calendar.DATE, 1);
        dt = c.getTime();
        return dt;
    }


    @Transactional
    private Credential autoCreateUser(String username, String password) {
        if (!environment.getProperty("autouser.root.username").equals(username) || !environment.getProperty("autouser.root.password").equals(password))
            return null;

        UserInfo userInfo = new UserInfo();
        userInfo.setName(username);
        userInfo.setEmail(environment.getProperty("autouser.root.email"));
        userInfo.setCreated(new Date());
        userInfo.setLastloggedin(new Date());
        userInfo.setAuthorization_level((short) 1);
        userInfo.setUsertype((short) 1);
        userInfo = this.apiContext.getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);

        UserRole role = new UserRole();
        role.setRole(Authorities.ADMIN.getValue());
        role.setUserInfo(userInfo);
        this.apiContext.getDatabaseRepository().getUserRoleDao().createOrUpdate(role);

        Credential credential = new Credential();
        credential.setUserInfo(userInfo);
        credential.setPublicValue(username);
        credential.setSecret(password);
        credential.setProvider((int) TokenValidatorFactoryImpl.LoginProvider.NATIVELOGIN.getValue());
        credential.setCreationTime(new Date());
        credential.setLastUpdateTime(new Date());
        credential.setStatus(0);
        return this.apiContext.getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
    }
}