package com.pollex.pam.security.provider;

import com.pollex.pam.business.web.errors.CustomerNotRegisteredException;
import com.pollex.pam.security.token.OtpAuthenticationToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

import com.pollex.pam.business.domain.Customer;
import com.pollex.pam.business.repository.CustomerRepository;
import com.pollex.pam.service.CustomerAuthService;
import com.pollex.pam.business.service.OtpTmpService;
import com.pollex.pam.service.OtpUtilService;
import com.pollex.pam.business.web.vm.OtpAccount;

@Component
public class OtpAuthenticationProvider {

    private static final Logger log = LoggerFactory.getLogger(OtpAuthenticationProvider.class);

    @Autowired
    CustomerAuthService customerAuthService;

    @Autowired
    CustomerRepository customerRepository;

    @Autowired
    OtpTmpService otpTmpService;

    @Autowired
    OtpUtilService otpUtilService;

    public Authentication authenticate(OtpAuthenticationToken otpAuthenticationToken) throws AuthenticationException {
        OtpAccount otpAccount = otpAuthenticationToken.getPrincipal();
        String account = otpAccount.getAccount();
        String indexKey = otpAccount.getIndexKey();
        String otpCode = otpAuthenticationToken.getCredentials();

        otpUtilService.verifyOtp(account, indexKey, otpCode);
    	Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account)
    						.orElse(null);

    	if (customer == null) {
    		throw new CustomerNotRegisteredException();
    	}

    	return customerAuthService.buildCustomerAuthToken(customer, otpCode, indexKey);

    }
}