package com.pollex.pam.service;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import com.pollex.pam.business.domain.Customer;
import com.pollex.pam.business.enums.CustomerDetailEnum;
import com.pollex.pam.business.repository.CustomerRepository;
import com.pollex.pam.security.jwt.TokenProvider;
import com.pollex.pam.security.token.OtpAuthenticationToken;
import com.pollex.pam.business.web.vm.OtpAccount;

@Service
@Transactional
public class CustomerAuthService {

	@Autowired
    AuthenticationManagerBuilder authenticationManagerBuilder;

	@Autowired
    CustomerRepository customerRepository;

    @Autowired
    TokenProvider tokenProvider;

	public String authorize(Customer account, String indexKey, String otpCode) {
		OtpAccount otpAccount = OtpAccount.createOtpAccount(account, indexKey);
        OtpAuthenticationToken authenticationToken = new OtpAuthenticationToken(
            otpAccount,
            otpCode
        );

        SecurityContextHolder.getContext().setAuthentication(authenticationToken);

        Authentication authentication = buildCustomerAuthToken(account, otpCode, indexKey);
        String jwt = tokenProvider.createToken(authentication, false);
        return jwt;
	}

	public UsernamePasswordAuthenticationToken buildCustomerAuthToken(Customer customer
    		, String otpCode, String indexKey) {

        List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));

        final String account = customer.toAccountString();
        UsernamePasswordAuthenticationToken authenticationToken =
        		new UsernamePasswordAuthenticationToken(account, otpCode, grantedAuths);

        Map<String, String> details = new HashMap<>();
        details.put(CustomerDetailEnum.DB_ID.getValue(), customer.getId().toString());
        authenticationToken.setDetails(details);

        return authenticationToken;
    }
}