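*
 * @author Julius Härtl
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */

namespace OCA\Registration\Controller;

use OCA\Registration\Db\Registration;
use OCA\Registration\Service\MailService;
use OCA\Registration\Service\RegistrationException;
use OCA\Registration\Service\RegistrationService;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Http;
use OCP\AppFramework\OCS\OCSBadRequestException;
use OCP\AppFramework\OCS\OCSNotFoundException;
use OCP\AppFramework\OCSController;
use OCP\AppFramework\OCS\OCSException;
use OCP\AppFramework\Http\DataResponse;
use OCP\Defaults;
use OCP\IL10N;
use OCP\IRequest;

/**
 * OCS endpoints for self-registration: validating the submitted fields,
 * creating a pending registration, and polling its status.
 *
 * All three endpoints are marked as public pages, so every argument is
 * unauthenticated, caller-controlled input.
 */
class ApiController extends OCSController {

	/** @var RegistrationService */
	private $registrationService;
	/** @var MailService */
	private $mailService;
	/** @var IL10N */
	private $l10n;
	/** @var Defaults */
	private $defaults;

	/**
	 * Stores the injected services and forwards the CORS settings to the parent.
	 *
	 * NOTE(review): the three CORS parameters have defaults but are followed by
	 * required parameters, so the defaults can never take effect and PHP 8
	 * reports this ordering as deprecated. The signature is left unchanged
	 * here because callers outside this file may pass arguments positionally.
	 *
	 * @param string $appName
	 * @param IRequest $request
	 * @param string $corsMethods
	 * @param string $corsAllowedHeaders
	 * @param int $corsMaxAge
	 * @param RegistrationService $registrationService
	 * @param MailService $mailService
	 * @param IL10N $l10n
	 * @param Defaults $defaults
	 */
	public function __construct($appName,
								IRequest $request,
								$corsMethods = 'PUT, POST, GET, DELETE, PATCH',
								$corsAllowedHeaders = 'Authorization, Content-Type, Accept',
								$corsMaxAge = 1728000,
								RegistrationService $registrationService,
								MailService $mailService,
								IL10N $l10n,
								Defaults $defaults) {
		parent::__construct($appName, $request, $corsMethods, $corsAllowedHeaders, $corsMaxAge);
		$this->registrationService = $registrationService;
		$this->mailService = $mailService;
		$this->l10n = $l10n;
		$this->defaults = $defaults;
	}

	/**
	 * Checks the submitted e-mail, display name and username and echoes them
	 * back when all three pass validation. Nothing is stored.
	 *
	 * @PublicPage
	 * @AnonRateThrottle(limit=5, period=1)
	 *
	 * @param $username
	 * @param $displayname
	 * @param $email
	 * @throws OCSException when any validator raises a RegistrationException
	 * @return DataResponse
	 */
	public function validate($username, $displayname, $email) {
		try {
			$this->registrationService->validateEmail($email);
			$this->registrationService->validateDisplayname($displayname);
			$this->registrationService->validateUsername($username);
		} catch (RegistrationException $e) {
			throw new OCSBadRequestException($e->getMessage());
		}

		$data = [
			'username' => $username,
			'displayname' => $displayname,
			'email' => $email
		];
		return new DataResponse($data, Http::STATUS_OK);
	}

	/**
	 * Reports the state of a registration identified by its token.
	 *
	 * While the e-mail address is unconfirmed the response is "pending". Once
	 * it is confirmed the account is created if it does not exist yet. An app
	 * password is issued only to a caller that also presents the client secret
	 * stored with the registration; any other caller gets an empty payload.
	 *
	 * @PublicPage
	 *
	 * @param $registrationToken
	 * @param $clientSecret
	 * @throws OCSException OCSNotFoundException when a DoesNotExistException is raised
	 * @return DataResponse
	 */
	public function status($registrationToken, $clientSecret = null) {
		// NOTE(review): validate() is throttled for anonymous callers, this
		// endpoint is not. Consider applying the same throttle annotation so
		// tokens and secrets cannot be tried at an unbounded rate.
		$data = [];
		try {
			/** @var Registration $registration */
			$registration = $this->registrationService->getRegistrationForToken($registrationToken);

			if (!$registration->getEmailConfirmed()) {
				$data = [
					'status' => Registration::STATUS_PENDING,
					'message' => $this->l10n->t('Your registration is pending. Please confirm your email address.')
				];
				return new DataResponse($data, Http::STATUS_OK);
			}

			// create account if email confirmed and not already created
			$user = $this->registrationService->getUserAccount($registration);
			if ($user === null) {
				$user = $this->registrationService->createAccount($registration);
			}

			// Authorize first, act second: the session login and the app
			// password are credentials, so they are only created after the
			// caller has proven knowledge of the client secret. Previously
			// both happened for any caller holding the token and only the
			// response body was withheld.
			if ($this->clientSecretMatches($registration, $clientSecret)) {
				$this->registrationService->loginUser($user->getUID(), $registration->getUsername(), $registration->getPassword(), true);
				$appPassword = $this->registrationService->generateAppPassword($user->getUID());
				$data = [
					'status' => Registration::STATUS_FINISHED,
					'appPassword' => $appPassword,
					'cloudUrl' => $this->defaults->getBaseUrl()
				];
				$this->registrationService->deleteRegistration($registration);
			}

			return new DataResponse($data, Http::STATUS_OK);
		} catch (DoesNotExistException $e) {
			throw new OCSNotFoundException('No pending registration.');
		}
	}

	/**
	 * Creates a pending registration and mails the confirmation token.
	 *
	 * If a registration is already pending for the address, a new token is
	 * generated and mailed and the request fails with an OCSException.
	 *
	 * @PublicPage
	 *
	 * @param $username
	 * @param $displayname
	 * @param $email
	 * @param $password
	 * @throws OCSException when validation fails or a registration is already pending
	 * @return DataResponse
	 */
	public function register($username, $displayname, $email, $password) {
		// NOTE(review): validate() is throttled for anonymous callers, this
		// endpoint is not, although every call sends a mail to the supplied
		// address and the existing-registration branch calls
		// generateNewToken(). Consider applying the same throttle annotation.
		$data = [];
		try {
			$registration = $this->registrationService->validateEmail($email);
			if ($registration !== null) {
				$this->registrationService->generateNewToken($registration);
				$this->mailService->sendTokenByMail($registration);
				throw new RegistrationException($this->l10n->t('There is already a pending registration with this email, a new verification email has been sent to the address.'));
			}

			$this->registrationService->validateDisplayname($displayname);
			$this->registrationService->validateUsername($username);
			$registration = $this->registrationService->createRegistration($email, $username, $password, $displayname);
			$this->mailService->sendTokenByMail($registration);
			$secret = $registration->getClientSecret();

			$data['message'] = $this->l10n->t('Your registration is pending. Please confirm your email address.');
			// NOTE(review): this is the token of the registration that was
			// just mailed via sendTokenByMail(). Confirm that the e-mail
			// confirmation step cannot be completed with this value alone,
			// otherwise the response defeats the mailbox ownership check.
			$data['token'] = $registration->getToken();
			$data['status'] = Registration::STATUS_PENDING;
			if ($secret !== null) {
				$data['secret'] = $secret;
			}
			return new DataResponse($data, Http::STATUS_OK);
		} catch (RegistrationException $exception) {
			throw new OCSException($exception->getMessage());
		}
	}

	/**
	 * Tells whether the caller-supplied secret equals the one stored with the
	 * registration.
	 *
	 * Fails closed: a missing, non-string or empty value on either side never
	 * matches, so a request that omits the secret cannot match a registration
	 * that has none stored. The comparison uses hash_equals() so its duration
	 * does not depend on how many leading characters are correct.
	 *
	 * @param Registration $registration
	 * @param mixed $clientSecret value taken from the request
	 * @return bool
	 */
	private function clientSecretMatches(Registration $registration, $clientSecret) {
		$expected = $registration->getClientSecret();
		if (!is_string($expected) || $expected === '' || !is_string($clientSecret)) {
			return false;
		}
		return hash_equals($expected, $clientSecret);
	}
}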