<?php

namespace UnicaenAuth\Controller;

use UnicaenApp\Exception\RuntimeException;
use UnicaenAuth\Service\Traits\ShibServiceAwareTrait;
use UnicaenAuth\Service\Traits\UserServiceAwareTrait;
use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Exception\ExceptionInterface;
use Zend\Http\Response;
use Zend\Mvc\Controller\AbstractActionController;
use ZfcUser\Controller\Plugin\ZfcUserAuthentication;

/**
 * Classe ajoutée lors de l'implémentation de l'auth Shibboleth.
 *
 * @method ZfcUserAuthentication zfcUserAuthentication()
 * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
 */
class AuthController extends AbstractActionController
{
    use ShibServiceAwareTrait;
    use UserServiceAwareTrait;

    /**
     * @return Response|array
     */
    public function shibbolethAction()
    {
        $operation = $this->params()->fromRoute('operation');

        if ($operation === 'deconnexion') {
            // déconnexion applicative quoiqu'il arrive
            $this->zfcUserAuthentication()->getAuthAdapter()->resetAdapters();
            $this->zfcUserAuthentication()->getAuthAdapter()->logoutAdapters();
            $this->zfcUserAuthentication()->getAuthService()->clearIdentity();

            // déconnexion Shibboleth le cas échéant
            if ($this->shibService->isShibbolethEnable()) {
                $homeUrl = $this->url()->fromRoute('home', [], ['force_canonical' => true]);
                $returnAbsoluteUrl = $this->params()->fromQuery('return', $homeUrl);
                return $this->redirect()->toUrl($this->shibService->getLogoutUrl($returnAbsoluteUrl));
            } else {
                return []; // une page d'aide s'affichera
            }
        }

        $shibUser = $this->shibService->getAuthenticatedUser();

        if ($shibUser === null) {
            return []; // une page d'aide s'affichera
        }

        /** @var AuthenticationService $authService */
        $authService = $this->getServiceLocator()->get('zfcuser_auth_service');
        try {
            $authService->getStorage()->write($shibUser->getId());
        } catch (ExceptionInterface $e) {
            throw new RuntimeException("Impossible d'écrire dans le storage");
        }

        $this->userService->userAuthenticated($shibUser);

        $redirectUrl = $this->params()->fromQuery('redirect', '/');

        return $this->redirect()->toUrl($redirectUrl);
    }

    public function shibboleth()
    {

    }
}