package com.juick.http.www;

import com.github.scribejava.apis.TwitterApi;
import com.github.scribejava.core.builder.ServiceBuilder;
import com.github.scribejava.core.model.*;
import com.github.scribejava.core.oauth.OAuthService;
import com.juick.server.UserQueries;
import org.json.JSONObject;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.Connection;

/**
 * Created by vt on 01.12.2015.
 */
public class TwitterAuth {

    private final static String VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json";

    private String consumerKey, consumerSecret;

    public TwitterAuth(String consumerKey, String consumerSecret) {
        this.consumerKey = consumerKey;
        this.consumerSecret = consumerSecret;
    }

    protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String hash = "", request_token = "", request_token_secret = "";
        String verifier = request.getParameter("oauth_verifier");
        Cookie[] cookies = request.getCookies();
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals("hash")) {
                hash = cookie.getValue();
            }
            if (cookie.getName().equals("request_token")) {
                request_token = cookie.getValue();
            }
            if (cookie.getName().equals("request_token_secret")) {
                request_token_secret = cookie.getValue();
            }
        }
        com.juick.User user = UserQueries.getUserByHash(sql, hash);
        if ( user == null || user.getUID() == 0) {
            response.sendError(403);
            return;
        }
        OAuthService oAuthService = new ServiceBuilder()
                .provider(TwitterApi.class)
                .apiKey(consumerKey)
                .apiSecret(consumerSecret)
                .callback("http://juick.com/_twitter")
                .build();

        if (request_token.isEmpty() && request_token_secret.isEmpty()
                && (verifier == null || verifier.isEmpty())) {
            Token requestToken = oAuthService.getRequestToken();
            String authUrl = oAuthService.getAuthorizationUrl(requestToken);
            response.addCookie(new Cookie("request_token", requestToken.getToken()));
            response.addCookie(new Cookie("request_token_secret", requestToken.getSecret()));
            response.setStatus(HttpServletResponse.SC_FOUND);
            response.setHeader("Location", authUrl);
        } else {
            if (verifier != null && verifier.length() > 0) {
                Token requestToken = new Token(request_token, request_token_secret);
                Token accessToken = oAuthService.getAccessToken(requestToken, new Verifier(verifier));
                OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, VERIFY_URL, oAuthService);
                oAuthService.signRequest(accessToken, oAuthRequest);
                JSONObject jsonResponse = new JSONObject(oAuthRequest.send().getBody());
                String screenName = jsonResponse.getString("screen_name");
                if (UserQueries.linkTwitterAccount(sql, user, accessToken.getToken(), accessToken.getSecret(), screenName)) {
                    response.setStatus(HttpServletResponse.SC_FOUND);
                    response.setHeader("Location", "http://juick.com/settings");
                } else {
                    response.sendError(500);
                }
            }
        }
    }
}