package com.pollex.pam.service;

import com.fasterxml.jackson.databind.ObjectMapper;;
import com.pollex.pam.config.ApplicationProperties;
import com.pollex.pam.service.dto.EServiceRequest;
import com.pollex.pam.web.rest.vm.EServiceRequestVM;
import com.pollex.pam.service.dto.EServiceResponse;
import com.pollex.pam.web.rest.vm.OtpEmailLoginVM;
import com.pollex.pam.web.rest.vm.OtpSMSLoginVM;
import com.pollex.pam.web.rest.vm.VerifyOtpVM;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.springframework.http.*;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;

import javax.net.ssl.SSLContext;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;


@Service
public class LoginService {

    private final ApplicationProperties applicationProperties;

    public LoginService(ApplicationProperties applicationProperties) {
        this.applicationProperties = applicationProperties;
    }

    public void otpLoginByPhone(OtpSMSLoginVM login) {

    }

    public void otpLoginByEmail(OtpEmailLoginVM login) {

    }

    public void verifyOtp(VerifyOtpVM verifyOtpParam) {
        // todo 要跟保誠otp的認證

        // 假設成功了，DB的確認
    }

    public ResponseEntity<EServiceResponse> loginByEService(EServiceRequestVM param) throws Exception{
        EServiceRequest dto = new EServiceRequest();
        dto.setFunc("ValidateUserLogin");
        dto.setId(param.getUsername());
        dto.setPin(param.getPassword());
        dto.setPwd(param.getPassword());
        dto.setSys("epos");

        String dtoJson = new ObjectMapper().writeValueAsString(dto);

        RestTemplate restTemplate = getTrustAllRestTemplate();

        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_JSON);

        HttpEntity<String> entity = new HttpEntity<>(dtoJson, headers);
        return restTemplate.exchange(applicationProperties.geteServiceLoginUrl(), HttpMethod.POST, entity, EServiceResponse.class);
    }

    private RestTemplate getTrustAllRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {

        SSLContext sslContext = SSLContexts.custom()
            .loadTrustMaterial(null, (X509Certificate[] x509Certs, String s) -> true)
            .build();
        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier());
        CloseableHttpClient httpClient = HttpClients.custom()
            .setSSLSocketFactory(csf)
            .build();
        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
        requestFactory.setHttpClient(httpClient);
        requestFactory.setConnectTimeout(300000);
        requestFactory.setReadTimeout(300000);
        return new RestTemplate(requestFactory);
    }
}