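using Business.BusinessLogic.Auth;
using Common.Models;
using log4net;
using Microsoft.IdentityModel.Tokens;
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading;

namespace Business.TokenManagement
{
    /// <summary>
    /// Issues and validates per-user HMAC-SHA256 JWTs.
    /// The signing secret, issuer and audience are not global: they are fetched per user from
    /// <see cref="IAuthServices"/>, so validation first has to discover which user a token claims
    /// to belong to before it can verify the signature.
    /// </summary>
    public class TokenManagementServices : ITokenManagementServices
    {
        // Single failure message for callers; deliberately uninformative so a caller probing with
        // forged tokens cannot distinguish "unknown user" from "bad signature" or "expired".
        private const string TokenMismatchMessage = "Token No Not Match";

        private readonly IAuthServices _authServices;
        private readonly ILog _log = LogManager.GetLogger(typeof(TokenManagementServices));

        public TokenManagementServices(IAuthServices authServices)
        {
            _authServices = authServices;
        }

        /// <summary>
        /// Validates <paramref name="tokenNo"/> (signature, issuer, audience, lifetime) against the
        /// settings stored for the user the token names, and on success installs the resulting
        /// principal as <see cref="Thread.CurrentPrincipal"/>.
        /// </summary>
        /// <param name="tokenNo">Compact-serialized JWT. Treated as untrusted input throughout.</param>
        /// <param name="msg">Set to a failure message when the method returns false; left untouched on success.</param>
        /// <returns>
        /// true when the token validates; false for empty/malformed tokens, tokens naming an unknown
        /// user, and tokens that fail signature, issuer, audience or lifetime validation.
        /// </returns>
        public bool CheckTokenNo(string tokenNo, ref string msg)
        {
            try
            {
                JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();

                // ReadToken throws ArgumentException (not a SecurityTokenException) for input that is
                // not a compact JWT, so reject it up front instead of letting garbage surface as an
                // unhandled exception to the caller.
                if (string.IsNullOrWhiteSpace(tokenNo) || !handler.CanReadToken(tokenNo))
                {
                    msg = TokenMismatchMessage;
                    return false;
                }

                // The token is only *parsed* here; nothing in it is trusted yet. It is used solely to
                // discover whose secret/issuer/audience to validate against. The ValidateToken call
                // below is what actually authenticates it.
                JwtSecurityToken readToken = handler.ReadToken(tokenNo) as JwtSecurityToken;
                if (readToken == null)
                {
                    msg = TokenMismatchMessage;
                    return false;
                }

                // CreateTokenNo writes the user as ClaimTypes.Name, which the handler serializes as
                // the JWT "unique_name" claim. Select it by type rather than by position: claim order
                // in the payload is an implementation detail, and an attacker-supplied token can put
                // any claim first. The positional fallback preserves the previous behaviour for tokens
                // that carry neither type.
                Claim userClaim = readToken.Claims.FirstOrDefault(c =>
                                      c.Type == JwtRegisteredClaimNames.UniqueName || c.Type == ClaimTypes.Name)
                                  ?? readToken.Claims.FirstOrDefault();
                if (userClaim == null)
                {
                    msg = TokenMismatchMessage;
                    return false;
                }

                // Per-token lookup keyed by an unauthenticated value. This is acceptable only because
                // the signature is then verified with *that* user's key: the worst an attacker can do
                // is make us look up a user they name.
                TokenManageModel newTokenModel = _authServices.GetUserDetailsByUserTokenDetailsValue(userClaim.Value);
                if (newTokenModel == null || string.IsNullOrEmpty(newTokenModel.SecrateKey))
                {
                    // Unknown user, or no key material: nothing to verify the signature with.
                    msg = TokenMismatchMessage;
                    return false;
                }

                // NOTE(review): Encoding.Default is the ANSI code page on .NET Framework and UTF-8 on
                // .NET Core, so a non-ASCII secret yields different key bytes on different hosts.
                // Kept to stay compatible with CreateTokenNo and already-issued keys; both sides
                // should move to Encoding.UTF8 together.
                SymmetricSecurityKey securityKey = new SymmetricSecurityKey(Encoding.Default.GetBytes(newTokenModel.SecrateKey));

                TokenValidationParameters validationParameters = new TokenValidationParameters
                {
                    ValidAudience = newTokenModel.Audience,
                    ValidIssuer = newTokenModel.Issuer,
                    ValidateLifetime = true,
                    // Supplying a delegate replaces the library's lifetime check entirely (including
                    // its clock-skew handling), so LifetimeValidator must enforce exp/nbf itself.
                    LifetimeValidator = this.LifetimeValidator,
                    IssuerSigningKey = securityKey
                };

                // Verifies the HMAC signature, issuer, audience and lifetime; throws on any failure.
                SecurityToken securityToken;
                ClaimsPrincipal principal = handler.ValidateToken(tokenNo, validationParameters, out securityToken);

                // Expose the authenticated user to the rest of the request. This is thread-bound and
                // does not survive an await or a thread-pool hop.
                Thread.CurrentPrincipal = principal;
                return true;
            }
            catch (SecurityTokenException ex)
            {
                // Base type of SecurityTokenValidationException and the other validation failures
                // (bad signature, wrong issuer/audience, expired, no signature, ...).
                LogicalThreadContext.Properties["exception"] = ex;
                _log.Error(ex.Message);
                msg = TokenMismatchMessage;
                return false;
            }
            catch (ArgumentException ex)
            {
                // ReadToken/ValidateToken reject structurally invalid tokens with ArgumentException;
                // previously this escaped the method unhandled.
                LogicalThreadContext.Properties["exception"] = ex;
                _log.Error(ex.Message);
                msg = TokenMismatchMessage;
                return false;
            }
        }

        /// <summary>
        /// Lifetime check used by <see cref="CheckTokenNo"/>. Because a custom delegate disables the
        /// library's built-in lifetime validation, expiry and not-before have to be enforced here.
        /// </summary>
        /// <param name="notBefore">The token's nbf claim (UTC), or null when absent.</param>
        /// <param name="expires">The token's exp claim (UTC), or null when absent.</param>
        /// <param name="securityToken">The token being validated (unused).</param>
        /// <param name="validationParameters">Supplies the clock skew tolerated for nbf.</param>
        /// <returns>
        /// false when the token has no exp claim, when exp is not in the future, or when nbf lies
        /// further in the future than the configured clock skew; true otherwise.
        /// </returns>
        private bool LifetimeValidator(DateTime? notBefore, DateTime? expires, SecurityToken securityToken, TokenValidationParameters validationParameters)
        {
            // A token without an expiry is never accepted.
            if (expires == null)
            {
                return false;
            }

            DateTime now = DateTime.UtcNow;

            // Expiry is enforced strictly, with no skew, as before.
            if (now >= expires.Value)
            {
                return false;
            }

            // Previously nbf was ignored, so a token could be used before its own start time.
            // Clock skew is honoured here so a freshly minted token is not rejected by a validator
            // whose clock runs slightly behind the issuer's.
            if (notBefore != null)
            {
                TimeSpan skew = validationParameters != null ? validationParameters.ClockSkew : TimeSpan.Zero;
                if (notBefore.Value > now.Add(skew))
                {
                    return false;
                }
            }

            return true;
        }

        /// <summary>
        /// Issues a signed JWT for the user described by <paramref name="tokenManageModel"/>.
        /// Issuer, audience, expiry and the HMAC secret come from the stored user record returned by
        /// <see cref="IAuthServices.GetUserDetails"/>, not from the caller-supplied model.
        /// </summary>
        /// <param name="tokenManageModel">Identifies the user to issue a token for.</param>
        /// <param name="tokenNo">Receives the compact-serialized JWT.</param>
        /// <exception cref="InvalidOperationException">
        /// The user lookup returned null or a record without a signing secret.
        /// </exception>
        public void CreateTokenNo(TokenManageModel tokenManageModel, out string tokenNo)
        {
            tokenNo = "";

            TokenManageModel userDetails = _authServices.GetUserDetails(tokenManageModel);
            if (userDetails == null || string.IsNullOrEmpty(userDetails.SecrateKey))
            {
                // Without a per-user secret there is nothing to sign with; fail with a clear error
                // rather than a NullReferenceException a few lines down.
                throw new InvalidOperationException("No signing secret is available for the requested user.");
            }

            // The handler converts times to UTC epoch seconds; start from UTC so no conversion is relied on.
            DateTime issuedAt = DateTime.UtcNow;

            // The only custom claim is the user name. CheckTokenNo reads it back (as "unique_name")
            // to find the user's secret, so it must stay present and unique per user.
            ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
            {
                new Claim(ClaimTypes.Name, userDetails.tokenUser)
            });

            // NOTE(review): see CheckTokenNo — Encoding.Default is platform dependent; issuer and
            // validator must agree, so change both together (preferably to Encoding.UTF8).
            SymmetricSecurityKey securityKey = new SymmetricSecurityKey(Encoding.Default.GetBytes(userDetails.SecrateKey));
            SigningCredentials signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);

            JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();

            // ExpiresTime comes from the stored record; the handler presumably rejects an expiry that
            // precedes notBefore with an ArgumentException — confirm against the library version in use.
            JwtSecurityToken token = (JwtSecurityToken)tokenHandler.CreateJwtSecurityToken(
                issuer: userDetails.Issuer,
                audience: userDetails.Audience,
                subject: claimsIdentity,
                notBefore: issuedAt,
                expires: userDetails.ExpiresTime,
                signingCredentials: signingCredentials);

            tokenNo = tokenHandler.WriteToken(token);
        }
    }
}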