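package gov.llnl.fssinglesignon;

import com.sun.appserv.security.AppservPasswordLoginModule;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import gov.llnl.fssinglesignon.util.LDAPAuthUtil;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.login.LoginException;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;

/**
 * Password login module that authenticates a user through {@link LDAPAuthUtil} and then
 * commits the group names reported by {@link FSCustomRealm}.
 *
 * <p>The module fails closed: any error raised while checking the credentials is logged and
 * treated as a failed login.
 */
public class FSLoginModule extends AppservPasswordLoginModule {

    private static final Logger LOGGER = Logger.getLogger(FSLoginModule.class.getName());

    /** JACC policy-context key under which the current servlet request is looked up. */
    private static final String REQUEST_CONTEXT_KEY = "javax.servlet.http.HttpServletRequest";

    public FSLoginModule() {
        log("FSLoginModule: Initialization");
    }

    /**
     * Authenticates {@code _username}/{@code _password} and commits the user's groups.
     *
     * @throws LoginException if the current realm is not an {@link FSCustomRealm}, the
     *         credentials are rejected, or the group lookup fails
     */
    @Override
    protected void authenticateUser() throws LoginException {
        // The user name is caller-supplied; strip control characters before it reaches a log
        // line or an exception message so it cannot forge additional log records.
        final String safeUser = sanitizeForLog(_username);
        log("FSCustomRealm Auth Info:_username:" + safeUser + ";_currentrealm:" + _currentRealm);

        // This module only works together with FSCustomRealm.
        if (!(_currentRealm instanceof FSCustomRealm)) {
            throw new LoginException("Realm not FSCustomRealm");
        }
        FSCustomRealm fsRealm = (FSCustomRealm) _currentRealm;

        if (!authenticate(_username, _password)) {
            throw new LoginException("FSCustomRealm:Login Failed for user " + safeUser);
        }
        log("FSCustomRealm:login succeeded for " + safeUser);

        Enumeration<?> groupNames;
        try {
            groupNames = fsRealm.getGroupNames(_username);
        } catch (InvalidOperationException e) {
            throw groupLookupFailure("An InvalidOperationException was thrown", e);
        } catch (NoSuchUserException e) {
            throw groupLookupFailure("A NoSuchUserException was thrown", e);
        }

        // Collect into a list: a fixed two-element array overflows for users with more than
        // two groups and hands null entries to the container for users with fewer.
        List<String> groups = new ArrayList<String>();
        while (groupNames != null && groupNames.hasMoreElements()) {
            groups.add((String) groupNames.nextElement());
        }

        commitUserAuthentication(groups.toArray(new String[groups.size()]));
    }

    /**
     * Checks the supplied credentials against the directory.
     *
     * @param username login name to verify
     * @param password password to verify
     * @return {@code true} only when {@link LDAPAuthUtil#AuthUser} returns a non-null result;
     *         {@code false} for blank credentials or when the lookup throws
     */
    private boolean authenticate(String username, String password) {
        log("=>Application User=" + sanitizeForLog(username));

        logRequestCookies();

        // Reject blank credentials before contacting the directory: an LDAP simple bind with
        // a name and an empty password is an "unauthenticated bind" (RFC 4513, section 5.1.2)
        // that some directory servers accept, which would otherwise read as a successful
        // login. LDAPAuthUtil is not visible here, so this module does not rely on it to
        // perform the check.
        if (username == null || username.length() == 0
                || password == null || password.length() == 0) {
            return false;
        }

        LDAPAuthUtil ldap = new LDAPAuthUtil();
        try {
            return ldap.AuthUser(username, password) != null;
        } catch (Exception ex) {
            // Fail closed, but leave a trace: a silently swallowed directory error is
            // indistinguishable from a wrong password during triage. The password is
            // deliberately never logged.
            LOGGER.log(Level.WARNING,
                    "FSLoginModule::directory authentication failed with an error for user "
                            + sanitizeForLog(username), ex);
            return false;
        }
    }

    /**
     * Writes the name, domain and max-age of each request cookie to the debug log.
     *
     * <p>Diagnostic only: nothing read here influences the authentication decision. Cookie
     * values are not logged.
     */
    private void logRequestCookies() {
        if (!LOGGER.isLoggable(Level.FINE)) {
            return;
        }
        try {
            HttpServletRequest request =
                    (HttpServletRequest) PolicyContext.getContext(REQUEST_CONTEXT_KEY);
            // No request is available when the lookup yields null; dereferencing it would
            // abort the login with a NullPointerException.
            if (request == null) {
                return;
            }
            Cookie[] cookies = request.getCookies();
            if (cookies == null) {
                return;
            }
            for (int i = 0; i < cookies.length; i++) {
                Cookie c = cookies[i];
                // Cookie attributes are client-controlled; sanitize before logging.
                LOGGER.fine("Cookie Name: " + sanitizeForLog(c.getName())
                        + " domain:" + sanitizeForLog(c.getDomain())
                        + " exp:" + c.getMaxAge());
            }
        } catch (PolicyContextException ex) {
            LOGGER.log(Level.SEVERE, "FSLoginModule::could not obtain the servlet request", ex);
        }
    }

    /** Builds the LoginException for a failed group lookup, keeping the original cause. */
    private static LoginException groupLookupFailure(String what, Exception cause) {
        LoginException failure = new LoginException(
                what + " while calling getGroupNames() on the FSCustomRealm " + cause);
        failure.initCause(cause);
        return failure;
    }

    /** Replaces control characters (including CR and LF) so a value stays on one log line. */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        StringBuilder out = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char ch = value.charAt(i);
            out.append(Character.isISOControl(ch) ? '_' : ch);
        }
        return out.toString();
    }

    /** Logs a message under the module prefix. */
    private void log(String s) {
        LOGGER.info("FSLoginModule::" + s);
    }
}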