<?php
defined('_JEXEC') or die('Restricted access');

jimport('saml.log');

class plgAuthenticationSAMLSSP extends JPlugin {
 
	function onUserAuthenticate($credentials, $options, &$response)
	{         JLog::addLogger(array('text_file' => 'saml.log' ),JLog::ALL,array('saml.log'));
	          
		 
	      require_once('/srv/www/simplesamlphp/www/_include.php');	 
	     // Instantiate our SP configuration
		 $as = new SimpleSAML_Auth_Simple($this->params->get('spdef'));
		 
		 
	
		 if (!$as->isAuthenticated()) 
		{
	            
		
		    $as->requireAuth();
		      $attributes = $as->getAttributes();
	          
	           JLog::add(JText::_($attributes), JLog::INFO , 'saml.log');
	    
	    
	      if (!isset($attributes['uid'])) {
			
                        JLog::add(JText::_('No uid provided for user' ), JLog::ERROR , 'saml.log');
			$response->status = JAuthentication::STATUS_FAILURE;
			return false;
		}
		
	            exit();	 
		 }
		
	        
		$this->_mapToResponse($response, $as->getAttributes());
		
	       $this->_updateUserDB($response);
		 
		$response->status = JAuthentication::STATUS_SUCCESS;
		
		$response->error_message = '';
		
		   
		return true;
	}
 
	function _updateUserDB($response)
	{
		 
		$userid = JUserHelper::getUserId($response->username);
		 
		 
		if ($userid) {
			//$user = JFactory::getUser($userid);
			 //JLog::add(JText::_('Fethed user with uid :'.$user  ), JLog::INFO , 'saml.log');
			 
			 //$changed = true;
	                //if ($changed) {
	                 //$user->save(true);	// true means: updateOnly
		       //JLog::add(JText::_('   updateUserDB user changed and saved '    ), JLog::INFO , 'joomla.log');
			// }
			
		} 
		else 
		{         // Store as new user
			 $user = new JUser();
			 // explicitly clear password, so it gets initialized randomly by Joomla
			 $response->password = null;
			//set default groups sto registered and edugain
			$def_groups= array('2'=>2,'10'=>10);
			 $user->groups = $def_groups;
			  $user->save();

			 JLog::add(JText::_('UpdateUserDB saved new user'.$user  ), JLog::INFO , 'saml.log');
		}
		
		$this->get_groups($user);
		 
	}
	
	public function get_groups($user)
	{
	
	  $userid = JUserHelper::getUserId($user->username);
	 
	 
	 foreach ($user->groups as $groupId => $value){
    $db = JFactory::getDbo();
    $db->setQuery(
        'SELECT `title`' .
        ' FROM `#__usergroups`' .
        ' WHERE `id` = '. (int) $groupId
    );
    $groupNames .= $db->loadResult();
    $groupNames .= '<br/>';
}

  JLog::add(JText::_('user groups:'.$groupNames  ), JLog::INFO , 'saml.log');
 return $groupNames;

}

	 function _getSSPAttributeFirstValue($key, $attributes, $default = null) {
		 if (! array_key_exists($key, $attributes)) {return $default;}
		return $attributes[$key][0];
	}
	
	
	 
	private function _mapToResponse(&$response, $samlresponse) {
		// Get all configured parameters into an array
		 
		  
		$configured = $this->params->toArray();
		
		foreach ($configured as $k => $v) {
			// Consider configuration parameter, when its name starts with 'map_'
			if (strpos($k, 'map_')===0) {
				$mapk = substr($k, 4); 
				if ($v != '') {
					$response->$mapk = $this->_getSSPAttributeFirstValue($v, $samlresponse);
			 
			  JLog::add(JText::_('maped '.$v." to ".$response->$mapk), JLog::INFO, 'saml.log'); 
				}
			}
		}
		 
	}
	
	}