package com.ge.bm.ext.security;

import java.io.IOException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;

import com.thingworx.common.RESTAPIConstants;
import com.thingworx.common.SharedConstants;
import com.thingworx.common.exceptions.InvalidRequestException;
import com.thingworx.data.util.InfoTableInstanceFactory;
import com.thingworx.entities.utils.EntityUtilities;
import com.thingworx.logging.LogUtilities;
import com.thingworx.relationships.RelationshipTypes.ThingworxRelationshipTypes;
import com.thingworx.resources.Resource;
import com.thingworx.security.authentication.AuthenticationType;
import com.thingworx.security.authentication.AuthenticationUtilities;
import com.thingworx.security.authentication.AuthenticatorException;
import com.thingworx.security.authentication.CustomAuthenticator;
import com.thingworx.security.context.SecurityContext;
import com.thingworx.security.users.User;
import com.thingworx.types.ConfigurationTable;
import com.thingworx.types.InfoTable;
import com.thingworx.types.collections.ValueCollection;
import com.thingworx.types.constants.CommonPropertyNames;
import com.thingworx.webservices.context.ThreadLocalContext;

public class UAAAuthenticator extends CustomAuthenticator {

	/**
	 * 
	 */
	private static final long serialVersionUID = -8385403778029728507L;
	
	private static Logger LOG = LogUtilities.getInstance().getSecurityLogger(UAAAuthenticator.class);
	private static final java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat("YYYY/DD/MM HH:mi:ss");
	
    private final String _missingAuthenticationMessage = "An invalid UserID has been specified for Authentication Scheme: ";

	public UAAAuthenticator() {
		// TODO Auto-generated constructor stub
	}

	/**
	 * Determines if request can be handled by this Authenticator. If the
	 * request has a GE SSO set in the headers, this will return true. Otherwise, it will return false and it will fall back
	 * to using Basic Authentication.
	 */
	@Override
	public boolean matchesAuthRequest(HttpServletRequest httpRequest)
			throws AuthenticatorException {
		
		return true;
	}

	@Override
	public void authenticate(HttpServletRequest request,
			HttpServletResponse response) throws AuthenticatorException {

		String accessToken = null;
		try {
			System.out.println(sdf.format(new java.util.Date()) + ": Going to login page");
			LOG.info("Going to login page");
			response.sendRedirect("<Here goes the URL>"); // FIXME
			return;
		} catch (IOException ioe) {
			// TODO Auto-generated catch block
			ioe.printStackTrace();
		}
	}

	/**
	 * required by TW 6.5; not leveraged by this version of the authenticator
	 */
	@Override
	public void issueAuthenticationChallenge(HttpServletRequest httpRequest, HttpServletResponse httpResponse)
			throws AuthenticatorException {
		LOG.error("Hit issueAuthenticationChallenge...should not get here.");

		String exceptionMsg = this._missingAuthenticationMessage;
		exceptionMsg += AuthenticationType.AUTH_THINGWORX_BASIC.name();

		throw new AuthenticatorException(new InvalidRequestException (exceptionMsg, RESTAPIConstants.StatusCode.STATUS_UNAUTHORIZED));
	}
}