<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use App\SsoClientLibrary;
use App\Models\User;
use Validator;

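class Sso extends Controller
{
    /**
     * Session key under which callback() parks the e-mail address returned by
     * the SSO provider, so that attempt() maps exactly that identity and not a
     * value that arrived in a form field.
     */
    private const SESSION_SSO_EMAIL = 'sso_pending_email';

    /**
     * SSO login, step 1: start the SSO round-trip.
     *
     * SsoClientLibrary::ssoRequest() is called purely for its side effects;
     * nothing is returned from here.
     */
    public function check()
    {
        $objSso = new SsoClientLibrary();
        $objSso->ssoRequest();
    }

    /**
     * SSO login, step 2: handle the provider's redirect back to the application.
     *
     * Exchanges the authorization code for an access token, fetches the SSO
     * user profile, and then either signs in the local user already mapped to
     * that SSO e-mail or renders the account-mapping form.
     *
     * Aborts with 400 when no code is present and with 401 when the token
     * exchange or the profile lookup does not yield a usable e-mail.
     *
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\View\View
     */
    public function callback(Request $request)
    {
        $code = $request->input('code');
        if ($code === null || $code === '') {
            abort(400, 'Missing SSO authorization code');
        }

        $objSso = new SsoClientLibrary();

        // ssoCallback() is expected to hand back a JSON string; decode it
        // defensively so a failed exchange cannot leave $accessToken undefined.
        $tokenResponse = $objSso->ssoCallback();
        $tokenData = !empty($tokenResponse) ? json_decode($tokenResponse) : null;
        $accessToken = $tokenData->access_token ?? null;
        if ($accessToken === null || $accessToken === '') {
            abort(401, 'SSO token exchange failed');
        }

        // The e-mail is the only profile field used for account mapping.
        $ssoUserInfo = json_decode($objSso->ssoUserInfo($accessToken));
        $ssoEmail = $ssoUserInfo->email ?? null;
        // Guard explicitly: where('sso_email', null) compiles to an IS NULL
        // check and would match every account that has no mapping yet.
        if ($ssoEmail === null || $ssoEmail === '') {
            abort(401, 'SSO user info did not include an e-mail address');
        }

        $user = User::where('sso_email', $ssoEmail)->first();

        if ($user) {
            // Already mapped: the provider has authenticated this identity, so
            // log the local user in directly. Temporarily overwriting the stored
            // password to satisfy Auth::attempt() (the previous approach) left a
            // window in which the account carried a known dummy credential and,
            // if anything failed before the restore, left it there permanently.
            \Auth::login($user);

            return redirect('/home');
        }

        // Not mapped yet: ask the user to prove ownership of a local account.
        // A user who is already signed in reaches the same form on purpose —
        // re-entering the local password is the guard against binding an SSO
        // identity to whatever browser session happens to be open.
        $request->session()->put(self::SESSION_SSO_EMAIL, $ssoEmail);

        return view('auth.mapping_sso', ['ssoUserInfo' => $ssoUserInfo]);
    }

    /**
     * Render the SSO mapping form without any SSO data (template preview only).
     *
     * @return \Illuminate\View\View
     */
    public function checkTemplate()
    {
        return view('auth.mapping_sso');
    }

    /**
     * SSO login, step 3: bind the SSO identity to a local account.
     *
     * Validates the submitted local username/password, checks that the
     * SSO e-mail parked in the session by callback() is not already bound to
     * another account, and then stores it on the authenticated user.
     *
     * The JSON response always has the shape {status: bool, pesan: ...}.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function attempt(Request $request)
    {
        $validator = Validator::make($request->all(), [
            'username' => 'required',
            'password' => 'required',
        ]);
        if ($validator->fails()) {
            return response()->json(['status' => false, 'pesan' => $validator->messages()]);
        }

        // Only the e-mail the provider returned in callback() may be mapped.
        // Taking it from the form would let any account holder claim an
        // arbitrary SSO identity and later sign in as that account.
        $ssoEmail = $request->session()->get(self::SESSION_SSO_EMAIL);
        if ($ssoEmail === null || $ssoEmail === '') {
            return response()->json([
                'status' => false,
                'pesan' => ['msg' => 'Sesi SSO tidak ditemukan, silakan ulangi login SSO'],
            ]);
        }

        $credentials = [
            'username' => $request->input('username'),
            'password' => $request->input('password'),
        ];
        if (!\Auth::attempt($credentials)) {
            return response()->json([
                'status' => false,
                'pesan' => ['msg' => 'Gagal Login, Username atau Password salah!!'],
            ]);
        }

        $userId = \Auth::id();
        $user = User::find($userId);

        // Refuse to bind an SSO e-mail that already belongs to a different
        // account; otherwise the lookup in callback() becomes ambiguous.
        $alreadyMapped = User::where('sso_email', $ssoEmail)
            ->where('id', '!=', $user->id)
            ->exists();
        if ($alreadyMapped) {
            return response()->json([
                'status' => false,
                'pesan' => ['msg' => 'Email SSO sudah terpasang pada akun lain'],
            ]);
        }

        $user->sso_flag = 1;
        $user->sso_email = $ssoEmail;
        $user->save();
        // The pending e-mail has served its purpose; drop it so a stale value
        // cannot be mapped onto another account later in the same session.
        $request->session()->forget(self::SESSION_SSO_EMAIL);

        $request->session()->flash('selamat-datang', 'Selamat Datang di Halaman Administrator');

        return response()->json(['status' => true, 'pesan' => ['msg' => 'Berhasil login = '.$userId]]);
    }
}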