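package com.megatim.apifdxweb.impl.authentication;

import com.megatim.apifdxweb.core.ifaces.administration.TokenGenerationManager;
import com.megatim.apifdxweb.core.ifaces.administration.UserManager;
import com.megatim.apifdxweb.model.administration.User;
import com.megatim.apifdxweb.model.dtos.EditPasswordDto;
import com.megatim.apifdxweb.model.dtos.TokenAuthentificationRequest;
import com.megatim.apifdxweb.service.ifaces.authentication.AuthenticationRS;
import com.mgt.rs.security.core.common.AuthenticatedUser;
import com.mgt.rs.security.core.exception.AuthenticationException;
import com.mgt.rs.security.core.model.AuthenticationToken;
import com.mgt.rs.security.core.service.AuthenticationTokenService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import javax.enterprise.context.RequestScoped;
import javax.enterprise.event.Observes;
import javax.inject.Inject;
import javax.ws.rs.Path;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;

/**
 * JAX-RS resource rooted at {@code auth}: issues an authentication token for valid
 * participant credentials and lets the authenticated participant change their password.
 *
 * <p>The bean is request-scoped. The authenticated user name is received through the
 * {@link AuthenticatedUser} CDI event and stored in an instance field.
 *
 * @author Gabuntu
 */
@Path("auth")
@RequestScoped
@Api(value = "Ressources pour l'authentification de l'API")
public class AuthenticationRSImpl implements AuthenticationRS {

    @Inject
    private AuthenticationTokenService authenticationTokenService;

    @Inject
    private UserManager userManager;

    @Inject
    private TokenGenerationManager tokenGenerationManager;

    // User name delivered by the @AuthenticatedUser event; stays null when no such
    // event reached this bean instance.
    private String codeParticipant;

    /**
     * Records the user name carried by an {@link AuthenticatedUser} event.
     *
     * <p>NOTE(review): presumably fired by the authentication filter once a token has been
     * validated; the producer is not visible in this file, confirm.
     *
     * @param connectedUserName name of the authenticated user
     */
    public void handleAuthenticationEvent(@Observes @AuthenticatedUser String connectedUserName) {
        this.codeParticipant = connectedUserName;
    }

    /**
     * Validates the submitted credentials, issues a token, records it, and returns it.
     *
     * @param authentificationRequest participant code, password and requested validity
     * @return a 200 response whose entity is the {@link AuthenticationToken}
     * @throws AuthenticationException if the request is missing or the credentials are rejected
     */
    @ApiOperation(value = "Génère un token si les identifiants du participant passé en paramètre sont corrects")
    @Override
    public Response authenticate(TokenAuthentificationRequest authentificationRequest) {
        // A request without a body would otherwise fail with a NullPointerException;
        // treat it like any other failed authentication.
        if (authentificationRequest == null) {
            throw new AuthenticationException("Identifiants de connexion incorrects.");
        }

        // Scale the requested validity by 3600 * 1000 (hours to milliseconds, judging by
        // the factor) and write it back onto the request object.
        // NOTE(review): the value comes from the client and is not range-checked here, so
        // zero, negative or very large lifetimes reach issueToken unchanged, and the
        // multiplication can overflow if the property is a 32-bit int. Confirm that a
        // server-side maximum is enforced somewhere.
        authentificationRequest.setValidite(authentificationRequest.getValidite() * 3600 * 1000);

        // Look up the user; throws when the credentials are not accepted.
        User user = validateCredentials(authentificationRequest.getCodeParticipant(),
                authentificationRequest.getPassword());

        // Issue the token for that user with the requested validity.
        String token = authenticationTokenService.issueToken(user.getUserName(),
                authentificationRequest.getValidite());

        // Persist the generated token: per the original author it is the only one valid
        // for this user's sessions.
        // NOTE(review): confirm how the token is stored (as-is or hashed); a stored bearer
        // token is a credential at rest.
        tokenGenerationManager.createTokenGeneration(user, token, authentificationRequest.getValidite());

        // Wrap the token in the response entity.
        AuthenticationToken authenticationToken = new AuthenticationToken();
        authenticationToken.setToken(token);

        return Response.ok(authenticationToken).build();
    }

    /**
     * Changes the password of the user authenticated on this request.
     *
     * @param headers request headers (not read by this implementation)
     * @param editPasswordDto password change payload, passed through to {@link UserManager}
     * @return an empty 200 response
     * @throws AuthenticationException if no authenticated user was recorded for this request
     */
    @ApiOperation(value = "Modifie le mot de passe du participant authentifié")
    @Override
    public Response editPassword(HttpHeaders headers, EditPasswordDto editPasswordDto) {
        // Without an @AuthenticatedUser event the field is still null; refuse rather than
        // ask the manager to change the password of an unspecified account.
        if (codeParticipant == null || codeParticipant.isEmpty()) {
            throw new AuthenticationException("Aucun utilisateur authentifié pour cette requête.");
        }

        // NOTE(review): confirm that userManager.editPassword verifies the current password
        // before applying the new one; the DTO contents are not visible here.
        userManager.editPassword(codeParticipant, editPasswordDto);

        return Response.ok().build();
    }

    /**
     * Looks up the user matching the given credentials.
     *
     * <p>Failure is reported with one generic message, so this method does not tell the
     * caller which of the two values was wrong.
     *
     * @param username participant code submitted by the client
     * @param password password submitted by the client
     * @return the matching user, never {@code null}
     * @throws AuthenticationException if the lookup returns no user
     */
    private User validateCredentials(String username, String password) {
        User user = userManager.recuperUtilisateur(username, password);

        if (user == null) {
            throw new AuthenticationException("Identifiants de connexion incorrects.");
        }

        return user;
    }
}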