// Copyright (c) Microsoft. All rights reserved.
//
// Licensed under the MIT license.

using System;
using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using NuGet.Protocol.Plugins;
using NuGetCredentialProvider.CredentialProviders;
using NuGetCredentialProvider.Logging;
using NuGetCredentialProvider.Util;

namespace NuGetCredentialProvider.RequestHandlers
{
    /// <summary>
    /// Handles a <see cref="GetAuthenticationCredentialsRequest"/> and replies with credentials.
    /// </summary>
    internal class GetAuthenticationCredentialsRequestHandler : RequestHandlerBase<GetAuthenticationCredentialsRequest, GetAuthenticationCredentialsResponse>
    {
        private readonly ICache<Uri, string> cache;
        private readonly IReadOnlyCollection<ICredentialProvider> credentialProviders;
        private readonly TimeSpan progressReporterTimeSpan = TimeSpan.FromSeconds(2);

        /// <summary>
        /// Initializes a new instance of the <see cref="GetAuthenticationCredentialsRequestHandler"/> class.
        /// </summary>
        /// <param name="logger">A <see cref="ILogger"/> to use for logging.</param>
        /// <param name="credentialProviders">An <see cref="IReadOnlyCollection{ICredentialProviders}"/> containing credential providers.</param>
        /// <param name="cache">An <see cref="ICache{TKey, TValue}"/> cache to store found credentials.</param>
        public GetAuthenticationCredentialsRequestHandler(ILogger logger, IReadOnlyCollection<ICredentialProvider> credentialProviders, ICache<Uri, string> cache)
            : base(logger)
        {
            this.credentialProviders = credentialProviders ?? throw new ArgumentNullException(nameof(credentialProviders));
            this.cache = cache;
        }

        public GetAuthenticationCredentialsRequestHandler(ILogger logger, IReadOnlyCollection<ICredentialProvider> credentialProviders, CancellationToken cancellationToken)
            : this(logger, credentialProviders, null)
        {
            this.cache = GetSessionTokenCache(logger, cancellationToken);
        }

        public override async Task<GetAuthenticationCredentialsResponse> HandleRequestAsync(GetAuthenticationCredentialsRequest request)
        {
            Logger.Verbose(string.Format(Resources.HandlingAuthRequest, request.Uri.AbsoluteUri, request.IsRetry, request.IsNonInteractive, request.CanShowDialog));

            if (request?.Uri == null)
            {

                return new GetAuthenticationCredentialsResponse(
                    username: null,
                    password: null,
                    message: Resources.RequestUriNull,
                    authenticationTypes: null,
                    responseCode: MessageResponseCode.Error);
            }

            Logger.Verbose(string.Format(Resources.Uri, request.Uri.AbsoluteUri));

            foreach (ICredentialProvider credentialProvider in credentialProviders)
            {
                if (await credentialProvider.CanProvideCredentialsAsync(request.Uri) == false)
                {
                    Logger.Verbose(string.Format(Resources.SkippingCredentialProvider, credentialProvider, request.Uri.AbsoluteUri));
                    continue;
                }
                Logger.Verbose(string.Format(Resources.UsingCredentialProvider, credentialProvider, request.Uri.AbsoluteUri));

                if (credentialProvider.IsCachable && TryCache(request, out string cachedToken))
                {
                    return new GetAuthenticationCredentialsResponse(
                        username: "VssSessionToken",
                        password: cachedToken,
                        message: null,
                        authenticationTypes: new List<string> { "Basic" },
                        responseCode: MessageResponseCode.Success);
                }

                try
                {
                    GetAuthenticationCredentialsResponse response = await credentialProvider.HandleRequestAsync(request, CancellationToken).ConfigureAwait(continueOnCapturedContext: false);
                    if (response != null && response.ResponseCode == MessageResponseCode.Success)
                    {
                        if (cache != null && credentialProvider.IsCachable)
                        {
                            Logger.Verbose(string.Format(Resources.CachingSessionToken, request.Uri.AbsoluteUri));
                            cache[request.Uri] = response.Password;
                        }

                        return response;
                    }
                    else if (!string.IsNullOrWhiteSpace(response?.Message))
                    {
                        Logger.Verbose(response.Message);
                    }
                }
                catch (Exception e)
                {
                    Logger.Error(string.Format(Resources.AcquireSessionTokenFailed, e.ToString()));

                    return new GetAuthenticationCredentialsResponse(
                        username: null,
                        password: null,
                        message: e.Message,
                        authenticationTypes: null,
                        responseCode: MessageResponseCode.Error);
                }
            }

            Logger.Verbose(Resources.CredentialsNotFound);
            return new GetAuthenticationCredentialsResponse(
                username: null,
                password: null,
                message: null,
                authenticationTypes: null,
                responseCode: MessageResponseCode.NotFound);
        }

        protected override AutomaticProgressReporter GetProgressReporter(IConnection connection, Message message, CancellationToken cancellationToken)
        {
            Logger.Verbose(string.Format(Resources.CreatingProgressReporter, progressReporterTimeSpan.ToString()));
            return AutomaticProgressReporter.Create(connection, message, progressReporterTimeSpan, cancellationToken);
        }

        private static ICache<Uri, string> GetSessionTokenCache(ILogger logger, CancellationToken cancellationToken)
        {
            if (EnvUtil.SessionTokenCacheEnabled())
            {
                logger.Verbose(string.Format(Resources.SessionTokenCacheLocation, EnvUtil.SessionTokenCacheLocation));
                return new SessionTokenCache(EnvUtil.SessionTokenCacheLocation, logger, cancellationToken);
            }

            logger.Verbose(Resources.SessionTokenCacheDisabled);
            return new NoOpCache<Uri, string>();
        }

        private bool TryCache(GetAuthenticationCredentialsRequest request, out string cachedToken)
        {
            cachedToken = null;

            Logger.Verbose(string.Format(Resources.IsRetry, request.IsRetry));
            if (request.IsRetry)
            {
                Logger.Verbose(string.Format(Resources.InvalidatingCachedSessionToken, request.Uri.AbsoluteUri));
                cache?.Remove(request.Uri);
                return false;
            }
            else if (cache.TryGetValue(request.Uri, out string password))
            {
                Logger.Verbose(string.Format(Resources.FoundCachedSessionToken, request.Uri.AbsoluteUri));
                cachedToken = password;
                return true;
            }

            Logger.Verbose(string.Format(Resources.CachedSessionTokenNotFound, request.Uri.AbsoluteUri));
            return false;
        }
    }
}