<?php
/**
 * Authserver, an OAuth2-based single-signon authentication provider written in PHP.
 *
 * Copyright (C) $today.date  Lars Vierbergen
 *
 * his program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

namespace vierbergenlars\AuthserverOAuthAccountBundle\DependencyInjection;


use Symfony\Component\Config\Definition\Processor;
use Symfony\Component\DependencyInjection\ChildDefinition;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\Config\FileLocator;
use Symfony\Component\DependencyInjection\DefinitionDecorator;
use Symfony\Component\DependencyInjection\Extension\PrependExtensionInterface;
use Symfony\Component\HttpKernel\DependencyInjection\Extension;
use Symfony\Component\DependencyInjection\Loader;
use vierbergenlars\AuthserverExternalAccountBundle\AuthserverExternalAccountBundle;
use vierbergenlars\AuthserverOAuthAccountBundle\ResourceOwner\ResourceOwnerConfig;

class AuthserverOAuthAccountExtension extends Extension implements PrependExtensionInterface
{
    const USER_PROVIDER_SERVICE = 'vierbergenlars.authserver_oauth_account.user_provider';

    public function prepend(ContainerBuilder $container)
    {
        $container->prependExtensionConfig('hwi_oauth', [
            'firewall_names' => ['public'],
            'connect' => [
                'account_connector' => self::USER_PROVIDER_SERVICE,
            ]
        ]);

        $configs = $container->getExtensionConfig($this->getAlias());

        $processor = new Processor();
        $config = $processor->processConfiguration(new Configuration(), $configs);
        $container->prependExtensionConfig('hwi_oauth', [
            'resource_owners' => array_map(function($resource_owner) {
                return $resource_owner['config'];
            }, $config['resource_owners']),
        ]);

        $container->loadFromExtension('security', [
            'firewalls' => [
                'public' => [
                    'oauth' => [
                        'resource_owners' => array_combine(array_keys($config['resource_owners']), array_map(function($roName) {
                            return '/login/oauth/'.$roName;
                        }, array_keys($config['resource_owners']))),
                        'login_path' => 'app_login',
                        'failure_path' => 'app_login',
                        'oauth_user_provider' => [
                            'service' => self::USER_PROVIDER_SERVICE,
                        ],
                    ],
                ]
            ],
        ]);
    }

    public function load(array $configs, ContainerBuilder $container)
    {
        $servicesDirectory = __DIR__.'/../Resources/config';
        $fileLocator = new FileLocator($servicesDirectory);
        $xmlLoader = new Loader\XmlFileLoader($container, $fileLocator);
        $xmlLoader->load('services.xml');

        $processor = new Processor();
        $config = $processor->processConfiguration(new Configuration(), $configs);

        foreach($config['resource_owners'] as $name => $config)
        {
            $service = new DefinitionDecorator('vierbergenlars.authserver_oauth_account.external_account_provider.abstract');
            $service->replaceArgument(0, $name);
            $service->replaceArgument(1, $config);
            $service->addTag(AuthserverExternalAccountBundle::EXTERNAL_ACCOUNT_PROVIDER_TAG);
            $container->setDefinition('vierbergenlars.authserver_oauth_account.external_account_provider.impl.'.$name, $service);
        }
    }

    public function getAlias()
    {
        return 'oauth';
    }
}