//
   //  ========================================================================
   //  Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
   //  ------------------------------------------------------------------------
   //  All rights reserved. This program and the accompanying materials
   //  are made available under the terms of the Eclipse Public License v1.0
   //  and Apache License v2.0 which accompanies this distribution.
   //
   //      The Eclipse Public License is available at
  //      http://www.eclipse.org/legal/epl-v10.html
  //
  //      The Apache License v2.0 is available at
  //      http://www.opensource.org/licenses/apache2.0.php
  //
  //  You may elect to redistribute this code under either of these licenses.
  //  ========================================================================
  //
  
  package org.eclipse.jetty.jaas.spi;
  
  import java.sql.Connection;
  import java.sql.PreparedStatement;
  import java.sql.ResultSet;
  import java.util.ArrayList;
  import java.util.List;
  import java.util.Map;
  
  import javax.security.auth.Subject;
  import javax.security.auth.callback.CallbackHandler;
  
  import org.eclipse.jetty.util.log.Log;
  import org.eclipse.jetty.util.log.Logger;
  import org.eclipse.jetty.util.security.Credential;
  
  /**
   * AbstractDatabaseLoginModule
   *
   * Abstract base class for LoginModules that interact with a
   * database to retrieve authentication and authorization information.
   * Used by the JDBCLoginModule and DataSourceLoginModule.
   *
   */
  public abstract class AbstractDatabaseLoginModule extends AbstractLoginModule
  {
      private static final Logger LOG = Log.getLogger(AbstractDatabaseLoginModule.class);
  
      private String userQuery;
      private String rolesQuery;
      private String dbUserTable;
      private String dbUserTableUserField;
      private String dbUserTableCredentialField;
      private String dbUserRoleTable;
      private String dbUserRoleTableUserField;
      private String dbUserRoleTableRoleField;
  
      /**
       * @return a java.sql.Connection from the database
       * @throws Exception if unable to get the connection
       */
      public abstract Connection getConnection () throws Exception;
      
      
      public class JDBCUserInfo extends UserInfo
      {
          public JDBCUserInfo (String userName, Credential credential)
          {
              super(userName, credential);
          }
          
          
          
          @Override
          public List<String> doFetchRoles ()
          throws Exception
          {
             return getRoles(getUserName());
          }
      }
  
  
  
      /* ------------------------------------------------ */
      /** Load info from database
       * @param userName user info to load
       * @exception Exception if unable to get the user info
       */
      public UserInfo getUserInfo (String userName)
          throws Exception
      {
          try (Connection connection = getConnection())
          {
  
              //query for credential
              String dbCredential = null;
              try (PreparedStatement statement = connection.prepareStatement (userQuery))
              {
                  statement.setString (1, userName);
                  try (ResultSet results = statement.executeQuery())
                  {
                     if (results.next())
                     {
                         dbCredential = results.getString(1);
                     }
                 }
             }
 
             if (dbCredential==null)
             {
                 return null;
             }
 
           
 
             return new JDBCUserInfo (userName, Credential.getCredential(dbCredential));
         }
     }
     
     
     public List<String>  getRoles (String userName)
     throws Exception
     {
         List<String> roles = new ArrayList<String>();
         
         try (Connection connection = getConnection())
         {
             //query for role names
 
             try (PreparedStatement statement = connection.prepareStatement (rolesQuery))
             {
                 statement.setString (1, userName);
                 try (ResultSet results = statement.executeQuery())
                 {
                     while (results.next())
                     {
                         String roleName = results.getString (1);
                         roles.add (roleName);
                     }
                 }
             }
           
         }
 
         return roles;
     }
     
     
 
 
     public void initialize(Subject subject,
             CallbackHandler callbackHandler,
             Map<String,?> sharedState,
             Map<String,?> options)
     {
         super.initialize(subject, callbackHandler, sharedState, options);
 
         //get the user credential query out of the options
         dbUserTable = (String)options.get("userTable");
         dbUserTableUserField = (String)options.get("userField");
         dbUserTableCredentialField = (String)options.get("credentialField");
 
         userQuery = "select "+dbUserTableCredentialField+" from "+dbUserTable+" where "+dbUserTableUserField+"=?";
 
 
         //get the user roles query out of the options
         dbUserRoleTable = (String)options.get("userRoleTable");
         dbUserRoleTableUserField = (String)options.get("userRoleUserField");
         dbUserRoleTableRoleField = (String)options.get("userRoleRoleField");
 
         rolesQuery = "select "+dbUserRoleTableRoleField+" from "+dbUserRoleTable+" where "+dbUserRoleTableUserField+"=?";
 
         if(LOG.isDebugEnabled())LOG.debug("userQuery = "+userQuery);
         if(LOG.isDebugEnabled())LOG.debug("rolesQuery = "+rolesQuery);
     }
 }