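package net.gepafin.tendermanagement.config;

import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import net.gepafin.tendermanagement.constants.GepafinConstant;
import net.gepafin.tendermanagement.entities.SamlResponseEntity;
import net.gepafin.tendermanagement.enums.SamlResponseStatusEnum;
import net.gepafin.tendermanagement.repositories.SamlResponseRepository;
import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
import net.gepafin.tendermanagement.web.rest.api.errors.Status;

/**
 * Handles a failed SAML login: logs the failure, flags the matching stored SAML request record
 * as failed, and redirects the browser to the front-end login page.
 */
@Component
public class SamlFailureHandler implements AuthenticationFailureHandler {

    /**
     * Matches the request id quoted as {@code InResponseTo attribute [<id>]} in a message.
     * Only letters, digits and '-' are accepted inside the brackets.
     */
    private static final Pattern IN_RESPONSE_TO_PATTERN =
            Pattern.compile("InResponseTo attribute \\[([a-zA-Z0-9\\-]+)\\]");

    private final Logger logger = LoggerFactory.getLogger(SamlFailureHandler.class);

    /** Base URL of the front end; the login page is expected at {@code <base>/login}. */
    @Value("${fe.base.url}")
    private String feBaseUrl;

    @Autowired
    private SamlResponseRepository samlResponseRepository;

    /**
     * Logs the authentication failure, updates the stored SAML request record on a best-effort
     * basis, and always redirects to the front-end login page.
     *
     * @param request   the request during which authentication failed
     * @param response  the response used to send the redirect
     * @param exception the authentication failure
     * @throws IOException if the redirect cannot be written
     */
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
            AuthenticationException exception) throws IOException {
        // NOTE(review): the message may quote values from the rejected SAML response; make sure
        // the log layout neutralises CR/LF so a crafted value cannot forge log lines.
        logger.error("SAML login failed: {}", exception.getMessage());

        try {
            markRequestFailed(exception.getMessage());
        } catch (Exception e) {
            // Bookkeeping is best effort: a missing record or a persistence error must not
            // leave the user without a redirect.
            logger.error("Error processing SAML failure handler", e);
        }

        response.sendRedirect(feBaseUrl + "/login");
    }

    /** Sets the INITIATED record referenced by the failure message, if any, to FAILED. */
    private void markRequestFailed(String failureMessage) {
        // The id is quoted in the failure message; the front-end base URL never carries it.
        // NOTE(review): this relies on the wording of the exception message - re-check after
        // upgrading the SAML library.
        String inResponseTo = extractInResponseTo(failureMessage);
        if (StringUtils.isEmpty(inResponseTo)) {
            return;
        }

        // NOTE(review): the id comes from a login attempt that failed validation, so it is
        // untrusted input. Only records still in INITIATED state are looked up; confirm that
        // request ids are unpredictable enough that this status change cannot be triggered
        // for someone else's pending request.
        SamlResponseEntity samlResponseLogEntity = samlResponseRepository
                .findByInResponseToAndStatus(inResponseTo, SamlResponseStatusEnum.INITIATED.getValue())
                .orElseThrow(() -> new CustomValidationException(Status.BAD_REQUEST,
                        Translator.toLocale(GepafinConstant.INVALID_REQUEST)));
        samlResponseLogEntity.setStatus(SamlResponseStatusEnum.FAILED.getValue());
        samlResponseRepository.save(samlResponseLogEntity);
    }

    /**
     * Extracts the id quoted as {@code InResponseTo attribute [<id>]} from a message.
     *
     * @param message the text to search; may be {@code null}
     * @return the id found inside the brackets, or {@code null} when the message is {@code null}
     *         or contains no such fragment
     */
    public static String extractInResponseTo(String message) {
        if (message == null) {
            return null;
        }
        Matcher matcher = IN_RESPONSE_TO_PATTERN.matcher(message);
        return matcher.find() ? matcher.group(1) : null;
    }
}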