package com.plannaplan.controllers;

import com.plannaplan.exceptions.UserNotFoundException;
import com.plannaplan.security.cas.CasUserIdentity;
import com.plannaplan.security.cas.CasValidationExcepiton;
import com.plannaplan.security.cas.DefaultUAMCasValidator;
import com.plannaplan.services.UserService;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;

@RestController
@CrossOrigin
@Api(tags = { "Token" }, value = "Token", description = "Enpoints to get authorization.")
public class TokenController {

    private final static String SERVICE_URL = "http://localhost:3000";

    @Autowired
    private UserService userService;

    @GetMapping("/token")
    @ApiOperation(value = "Endpoint to access token required to call secured endpoints. In order to access token we need to provide access token comming from unviersity CAS system")
    public ResponseEntity<String> getToken(
            @RequestParam("ticket") @ApiParam(value = "Ticket get from CAS system. It should look like ST-1376572-wo41gty5R0JCZFKMMie2-cas.amu.edu.pl") final String ticket) {
        final DefaultUAMCasValidator validator = new DefaultUAMCasValidator(SERVICE_URL, ticket);

        try {
            CasUserIdentity casUserIdentity = validator.validate();
            String usosId = casUserIdentity.getUsosId();
            String authority = casUserIdentity.getEmail();
            this.userService.checkForUser(authority, usosId);
            String token = this.userService.login(authority);
            return new ResponseEntity<>(token, HttpStatus.OK);
        } catch (CasValidationExcepiton e) {
            return new ResponseEntity<>("Wrong ticket", HttpStatus.UNAUTHORIZED);
        } catch (UserNotFoundException e) {
            return new ResponseEntity<>("User not found", HttpStatus.NOT_FOUND);
        } catch (Exception e) {
            return new ResponseEntity<>(e.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
        }

    }
}