<?php

define('cn_StsAuthGridGrid', 'StsAuth_Grid');
require_once('class/DB/Grid/Grid.php');
require_once 'class/HTTP.php';

class StsAuth_Grid extends DB_Grid 
{
    var $_identity;
    var $_stsUrlDomain = null;
	var $_stsSessionId;
	var $_code = null;
	var $_messageCodeGen = '';
	var $actions = array(
        'view'         => '_doView',
        'login'        => '_doLogin',
        'generateCode' => '_doGenerateCode'
    );
    
    function StsAuth_Grid(&$Doc, &$DBObj)
    {
        Constant::set('CODE_GEN_OK', 2);
        Constant::set('CODE_GEN_EMPTY', 3);
        Constant::set('CODE_GEN_DENNY', 4);
        Constant::set('MESSAGE_CODE_GEN_DENNY', 'You cannot login to our online support system. Please %contactUs% for more details.');
        Constant::set('FAILED_STS_RESPONSE', 'Failed response from online support system');
        
        $this->DB_Grid(&$Doc, &$DBObj);
        $this->_identity = $Doc->UserAuth->getData();
        $DBObj->id = (int) $this->_identity['id'];
        $contactUs = 'contact us';
		if (null != ($contactUsLink = STSContactUsLink)) {
			$contactUs = '<a href="' . $contactUsLink . '" target="_blank">contact us</a>';
		}
		$this->_messageCodeGen = str_replace('%contactUs%', $contactUs, Constant::get('MESSAGE_CODE_GEN_DENNY'));
        $this->_stsUrlDomain = STSUrlDomain;
    }
    
    function exec()
    {
        if ('n' == $this->getStsLoginEnabled()) {
			skHTTP::redirect(Constant::get('BASE_URL') . '/admin');
        }
		$this->Doc->setTitle('');
		$this->Doc->addItem(array('tpl' => 'StsAuth/redirect-to-sts-item.tpl'));
        parent::exec();
    }
    
    function getStsLoginEnabled()
    {
        return $this->Doc->getStsLoginEnabled();
    }

    function getStsUrlDomain()
    {
        if (null === $this->_stsUrlDomain) {          
            die('Online Support System Url is not defined');
        }
        return $this->_stsUrlDomain;
    }

    function getLoginForm()
    {
        $form = $this->_getBaseForm();
        $form->setAttribute('id', 'sts_login_form');
        $form->addElement('text', 'sts_login', 'STS Login:');
        $form->addElement('password', 'sts_password', 'STS Password:');
        $form->addElement('hidden', 'action');
        $form->cancelTitle = 'Reset';
        $form->cancelType = FORM_CBT_RESET;
        $form->submitTitle = 'Login';
        $form->addRuleRequired(array('sts_login', 'sts_password'));
        return $form;
    }
       
    function _doView()
    {   
        if (null == ($this->_code = $this->DBObj->getStsAuthCode())) {
            $form = $this->getLoginForm();
            $this->_renderMainForm($form);
        } else {
            if (Constant::get('CODE_GEN_OK') == ($resultCodeGen = $this->_doStsToGenCode())) {
                $this->_redirectToSts();
                return $this;
            } elseif ($resultCodeGen == Constant::get('CODE_GEN_EMPTY')) {
                $form = $this->getLoginForm();
                $this->_renderMainForm($form);
            } elseif ($resultCodeGen == Constant::get('CODE_GEN_DENNY')) {
                $this->displayMessage($this->_messageCodeGen);
            } elseif (!$resultCodeGen) {
                $this->displayMessage(Constant::get('FAILED_STS_RESPONSE'));
            }
        }
        return $this;
    }

    function _doLogin()
    {
        $form = $this->getLoginForm();
        if ($form->validate()) {
            if (Constant::get('CODE_GEN_OK') === 
                ($resultCodeGen = $this->_doStsToGenCode($form->exportValue('sts_login'), $form->exportValue('sts_password')))) 
            {
                $this->_redirectToSts();
                return $this;
            } elseif ($resultCodeGen == Constant::get('CODE_GEN_EMPTY')) {
                $this->displayError('Invalid Login or Password');
            } elseif ($resultCodeGen == Constant::get('CODE_GEN_DENNY')) {
                $this->displayMessage($this->_messageCodeGen);
                return $this;
            } elseif (!$resultCodeGen) {
                $this->displayMessage(Constant::get('FAILED_STS_RESPONSE'));
            }
        }
        $this->_renderMainForm($form);
    }

    function _renderMainForm($form)
    {
        $form->setDefaults(array('action' => 'login'));
        $this->Doc->addItemProp('JSs', "js/sts-funcs.js");
        $this->Doc->addInitInlineScript('initLoginForm', 'initLoginForm("' . $form->getAttribute('id') . '");');
        $form->exec();
    }

    function _renderRedirectForm($form)
    {
        $form->setConstants(array('action' => 'remoteLogin'));
        $this->Doc->addItemProp('JSs', "js/sts-funcs.js");
        $this->Doc->addInitInlineScript('initRedirectForm', 'initRedirectForm("' . $form->getAttribute('id') . '");');
        $form->exec(false);
    }

    function _doStsToGenCode($login = null, $passwd = null)
    {
        $dataSend = array('action' => 'getRemoteAuthCode');
        if (!empty($this->_code)) {
            $dataSend['code'] = $this->_code;
        } elseif (!empty($login) && !empty($passwd)) {
            $dataSend['login'] = $login;
            $dataSend['password'] = md5($passwd);
        }

        $c = curl_init($this->getStsUrlDomain() . '/__generate-auth-code');

        curl_setopt($c, CURLOPT_POST, 1);
        curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt($c, CURLOPT_COOKIEJAR, 0);
        curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0);
        curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
        curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 400);
        curl_setopt($c, CURLOPT_HEADER, 1);
        curl_setopt($c, CURLOPT_ENCODING, 'gzip,deflate');
        curl_setopt($c, CURLOPT_POSTFIELDS, $dataSend);
        
        $response = $this->prepareCurlResponse(curl_exec($c));
        if(curl_getinfo($c, CURLINFO_HTTP_CODE) !== 200) {
            return false;
        }
        curl_close($c);		
		
		if (isset($response['headers']['transfer-encoding']) && $response['headers']['transfer-encoding'] == 'gzip') {
			$dataCode = $this->decodeGzip($response['body']);
		} else {
			$dataCode = (string) $response['body'];
		}
        preg_match('/\(code\[\/([a-z0-9]{32}|empty|denny)\/\]/', $dataCode, $matches);
        if (!empty($matches[1]) && $matches[1] != 'denny' && $matches[1] != 'empty') {
            $this->DBObj->updateStsLoginCode($matches[1]);
            $this->_code = $matches[1];
            return Constant::get('CODE_GEN_OK');
        } elseif ($matches[1] == 'empty') {
            return Constant::get('CODE_GEN_EMPTY');
        } elseif ($matches[1] == 'denny') {
            return Constant::get('CODE_GEN_DENNY');
        }
        return false;
    }
    
    function decodeGzip($body)
    {
        if (! function_exists('gzinflate')) {
            die('zlib extension is required in order to decode "gzip" encoding');
        }
        return gzinflate(substr($body, 10));
    }
    
    function prepareCurlResponse($response)
    {
        $responseOut = array();
        
        # Headers regex
        $pattern = '#HTTP/\d\.\d.*?$.*?\r\n\r\n#ims';
        
        # Extract headers from response
        preg_match_all($pattern, $response, $matches);
        $headers_string = array_pop($matches[0]);
        $headers = explode("\r\n", str_replace("\r\n\r\n", '', $headers_string));
        
        # Remove headers from the response body
        $responseOut['body'] = str_replace($headers_string, '', $response);
        
        # Extract the version and status from the first header
        $version_and_status = array_shift($headers);
        preg_match('#HTTP/(\d\.\d)\s(\d\d\d)\s(.*)#', $version_and_status, $matches);
        $responseOut['headers']['Http-Version'] = $matches[1];
        
        # Convert headers into an associative array
        foreach ($headers as $header) {
            preg_match('#(.*?)\:\s(.*)#', $header, $matches);
            $responseOut['headers'][$matches[1]] = $matches[2];
        }
        return $responseOut;
    }
    
    function _redirectToSts()
    {
        $this->Doc->addItem(array('tpl' => 'StsAuth/loader.tpl'));
        $redirectForm = $this->_getBaseForm();
		$redirectForm->setAttribute('id', $redirectForm->getAttribute('id') . '-redirect');
        $redirectForm->setAttribute('action', $this->_stsUrlDomain . '/login');
        $redirectForm->addElement('hidden', 'action');
        $redirectForm->addElement('hidden', 'code', $this->_code);
        $this->_renderRedirectForm($redirectForm);
        return $this;
    }   
    
    function displayError($text)
    {
        $this->Doc->addContent(array('tpl' => 'msg_error.tpl', 'text' => $text));
    }
    
    function displayMessage($text)
    {
        $this->Doc->addContent(array('tpl' => 'msg.tpl', 'text' => $text));
    }
}