<?php
/**
 * Copyright 2020 Art-ER S. Cons. P.A.
 * EROI - Emilia Romagna Open Innovation is based on:
 * https://www.open2.0.regione.lombardia.it
 *
 * @see http://example.com Developers'community
 * @license GPLv3
 * @license https://opensource.org/licenses/gpl-3.0.html GNU General Public License version 3
 *
 * @package    arter\amos\socialauth
 * @category   CategoryName
 * @author     Elite Division S.r.l.
 */

namespace arter\amos\socialauth;

use arter\amos\admin\AmosAdmin;
use arter\amos\admin\models\UserProfile;
use arter\amos\core\module\AmosModule;
use arter\amos\socialauth\controllers\ShibbolethController;
use arter\amos\socialauth\models\SocialAuthServices;
use arter\amos\socialauth\utility\SocialAuthUtility;
use Yii;
use yii\base\BootstrapInterface;
use yii\base\Event;
use yii\helpers\ArrayHelper;

/**
 * Class Module
 * @package arter\amos\socialauth
 */
class Module extends AmosModule implements BootstrapInterface
{
    public static $CONFIG_FOLDER = 'config';

    /**
     * @var array providers configuration
     */
    public $providers = [];

    /**
     * @var $enableLogin bool Is Login With Social Enabled?
     */
    public $enableLogin;

    /**
     * @var $enableSpid bool Is Login With Spid Enabled?
     */
    public $enableSpid = false;

    public $shibbolethConfig = [
        'buttonLabel' => '#fullsize_login_spid_text',
        'buttonDescription' => '#fullsize_login_spid_text_right'
    ];

    /**
     * @var $enableLogin bool Is Social Account Link Enabled?
     */
    public $enableLink;

    /**
     * @var $enableLogin bool Is Social registration Enabled?
     */
    public $enableRegister;

    /**
     * @var bool Decide if the overload security is enabled (false) or user can be oberloaded by social (true)
     */
    public $userOverload = false;

    /**
     * @var bool $enableServices - array with enabled service names
     */
    public $enableServices = ['calendar', 'contacts'];

    /**
     * @inheritdoc
     */
    public $name = 'socialauth';

    /**
     * @var string $moduleName
     */
    private static $moduleName = 'socialauth';

    /**
     * @var string|boolean the layout that should be applied for views within this module. This refers to a view name
     * relative to [[layoutPath]]. If this is not set, it means the layout value of the [[module|parent module]]
     * will be taken. If this is false, layout will be disabled within this module.
     */
    public $layout = 'main';

    /**
     * @inheritdoc
     */
    public $controllerNamespace = 'arter\amos\socialauth\controllers';

    public $timeout = 180;

    /**
     * @var bool $enableSpidMultiUsersSameCF If true the model validation doesn't check the unique of che fiscal code.
     */
    public $enableSpidMultiUsersSameCF = false;

    /**
     * @var bool $shibbolethAutoLogin if true on shibboleth controller make automatic login
     */
    public $shibbolethAutoLogin = false;

    /**
     * @var bool $shibbolethAutoRegistration if true on shibboleth controller make automatic registration
     */
    public $shibbolethAutoRegistration = false;

    /**
     * @inheritdoc
     */
    public function init()
    {
        parent::init(); // TODO: Change the autogenerated stub
        \Yii::setAlias('@arter/amos/' . static::getModuleName() . '/controllers', __DIR__ . '/controllers');

        //Configuration
        $config = require(__DIR__ . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'config.php');
        \Yii::configure($this, ArrayHelper::merge($config, $this));
    }

    /**
     * @inheritdoc
     */
    public static function getInstance() {
        if(Yii::$app->session->has('socialAuthInstance')) {
            return Yii::$app->getModule(Yii::$app->session->get('socialAuthInstance'));
        }

        return parent::getInstance();
    }

    /**
     * @return array
     */
    public function getProviders()
    {
        return $this->providers;
    }

    /**
     * @inheritdoc
     */
    public static function getModuleName()
    {
        return static::$moduleName;
    }

    /**
     * @inheritdoc
     */
    public function getWidgetIcons()
    {
        return [
        ];
    }

    /**
     * @inheritdoc
     */
    public function getWidgetGraphics()
    {
        return [
        ];
    }

    /**
     * @inheritdoc
     */
    protected function getDefaultModels()
    {
        return [
        ];
    }

    /**
     * @param string $provider
     * @param null|SocialAuthServices $service
     * @return \Google_Client|null
     */
    public function getClient($provider = 'google', $service = null)
    {
        $providers = $this->providers;
        $client = null;
        if ($provider == 'google') {
            if (!empty($providers) && array_key_exists('Google', $providers)) {
                $key = $providers['Google']['keys']['secret'];
                $clientId = $providers['Google']['keys']['id'];
                $client = new \Google_Client();
                $client->setClientId($clientId);
                $client->setClientSecret($key);
                if (!is_null($service)) {
                    $accessToken['access_token'] = $service->access_token;
                    $accessToken['token_type'] = $service->token_type;
                    $accessToken['expires_in'] = $service->expires_in;
                    $accessToken['created'] = $service->token_created;
                    $client->setAccessToken($accessToken);
                    // Refresh the token if it's expired.
                    if ($client->isAccessTokenExpired()) {
                        $accessToken = $client->fetchAccessTokenWithRefreshToken($service->refresh_token);
                        $service->access_token = $accessToken['access_token'];
                        $service->token_type = $accessToken['token_type'];
                        $service->expires_in = $accessToken['expires_in'];
                        $service->token_created = $accessToken['created'];
                        if (!$service->save()) {
                            \Yii::$app->session->addFlash('danger', Module::t('amossocialauth',
                                'An error occurred while synchronizing {provider} {serviceName}',
                                ['provider' => $provider, 'serviceName' => $service->service]));
                        }
                    }
                }
            }
        }
        return $client;
    }

    /**
     * @param SocialAuthServices $service
     * @return string $message
     */
    public function synchronizeGoogleService($service)
    {
        $message = '';
        $client = $this->getClient('google', $service);
        if ($service->service == 'calendar') {
            $serviceGoogle = new \Google_Service_Calendar($client);
            $calendarId = $service->service_id;
            if (empty($calendarId)) {
                $calendar = new \Google_Service_Calendar_Calendar();
                $calendar->setSummary(\Yii::$app->name);
                $calendar = $serviceGoogle->calendars->insert($calendar);
                $calendarId = $calendar->getId();

                $service->service_id = $calendarId;
                $service->save(false);
                $message = Module::t('amossocialauth', 'Calendar \'{appName}\' has been added successfully to your Google Account.', ['appName' => \Yii::$app->name]);
            } else {
                $message .= Module::t('amossocialauth', 'Calendar \'{appName}\' synchronization', ['appName' => \Yii::$app->name]);
            }

            $eventsModule = Yii::$app->getModule('events');
            if (!is_null($eventsModule)) {
                return $eventsModule->synchronizeEvents($serviceGoogle, $calendarId, $message);
            }
        } elseif ($service->service == 'contacts') {
            $serviceGoogle = new \Google_Service_PeopleService($client);
            $message = AmosAdmin::synchronizeGoogleContacts($serviceGoogle);
        }
        return $message;
    }

    /**
     * @param SocialAuthServices $service
     * @return string
     */
    public function removeGoogleService($service)
    {
        $message = '';
        $client = $this->getClient();
        $accessToken['access_token'] = $service->access_token;
        $accessToken['token_type'] = $service->token_type;
        $accessToken['expires_in'] = $service->expires_in;
        $accessToken['created'] = $service->token_created;
        $client->setAccessToken($accessToken);
        // Refresh the token if it's expired.
        if ($client->isAccessTokenExpired()) {
            $accessToken = $client->fetchAccessTokenWithRefreshToken($service->refresh_token);
            $service->access_token = $accessToken['access_token'];
            $service->token_type = $accessToken['token_type'];
            $service->expires_in = $accessToken['expires_in'];
            $service->token_created = $accessToken['created'];
            if (!$service->save()) {
                $message = Module::t('amosadmin', 'Errore durante l\'aggiornamento delle impostazioni');
            }
        }
        if ($service->service == 'calendar') {
            $message .= ' calendar : ';
            $serviceGoogle = new \Google_Service_Calendar($client);
            $calendarId = $service->service_id;
            if (!empty($calendarId)) {
                $calendar = $serviceGoogle->calendars->get($calendarId);
                if ($calendar) {
                    $message .= $calendarId . ' ';
                }
            }
            $serviceGoogle->calendars->delete($calendarId);
        } elseif ($service->service == 'contacts') {
            AmosAdmin::removeGoogleContacts();
        }
        return $message;
    }

    /**
     * @inheritdoc
     */
    public function bootstrap($app)
    {
        //Init a new shibboleth controller to link user
        $shibbolethController = new ShibbolethController('shibboleth', $this);

        Event::on(AmosAdmin::instance()->model('UserProfile'), UserProfile::EVENT_AFTER_INSERT, ['arter\amos\socialauth\utility\SocialAuthUtility', 'createIdmUser']);

        //Get Session IDM datas (copy of headers)
        $sessionIDM = \Yii::$app->session->get('IDM');

        //Link to current user with IDM
        if ($sessionIDM && $sessionIDM['matricola']) {
            return $shibbolethController->tryIdmLink('idm', $sessionIDM, false, false);
        } else if ($sessionIDM && $sessionIDM['saml_attribute_codicefiscale']) {
            return $shibbolethController->tryIdmLink('spid', $sessionIDM, false, false);
        }
    }
}