<?php
defined('_JEXEC') or die('Restricted access');

jimport('saml.log');

class plgAuthenticationSAMLSSP extends JPlugin {
 
	function onUserAuthenticate($credentials, $options, &$response)
	{      
	     JLog::addLogger(array('text_file' => 'saml.log' ),JLog::ALL,array('saml.log'));
	         
		 
	      require_once('/srv/www/simplesamlphp/www/_include.php');	 
	     // Instantiate our SP configuration
		 $as = new SimpleSAML_Auth_Simple($this->params->get('spdef'));
		 
		 if (!$as->isAuthenticated()) 
		{
	        
		
		    $as->requireAuth();
		    
		    $attributes = $as->getAttributes();
	          
	             JLog::add(JText::_($attributes), JLog::INFO , 'saml.log');
	    
	    
	      if (!isset($attributes['uid'])) {
			  JLog::add(JText::_('No uid provided for user' ), JLog::ERROR , 'saml.log');
			$response->status = JAuthentication::STATUS_FAILURE;
			return false;
		}
		
	            exit();	 
		 }
		
	      
		$this->_mapToResponse($response, $as->getAttributes());
		
	        $this->_updateUserDB($response);
		 
		$response->status = JAuthentication::STATUS_SUCCESS;
		
		$response->error_message = '';
		
		   
		return true;
	}
 
	function _updateUserDB($response)
	{
		 
		$userid = JUserHelper::getUserId($response->username);
		// $userid= $response->$uid;
		//JLog::add(JText::_('   updateUserDB user ID'.$userid),JLog::INFO , 'saml.log');
		 
		if ($userid) {
			 //  $user = JFactory::getUser($userid);
			  //  $changed = true;
	                //  if ($changed) {
	                 //  $user->save(true);	// true means: updateOnly
		         // JLog::add(JText::_('updateUserDB '), JLog::INFO , 'saml.log');
		         }
			
		} 
		else 
		{         // Store as new user
			 $user = new JUser();
			 // explicitly clear password, so it gets initialized randomly by Joomla
			 $response->password = null;
			  
			 //set default groups sto registered and edugain
			  $def_groups= array('2'=>2,'10'=>10);
			  $user->groups = $def_groups;
			  $user->save();
                         JLog::add(JText::_('UpdateUserDB saved new user'.$user  ), JLog::INFO , 'saml.log');
		}
		
		$this->get_groups($user);
		 
	}
	
	public function get_groups($user)
	{
	
	  $userid = JUserHelper::getUserId($user->username);
	  JLog::add(JText::_(' user userid '.$userid  ), JLog::INFO , 'saml.log');
	 
	 foreach ($user->groups as $groupId => $value){
    $db = JFactory::getDbo();
    $db->setQuery(
        'SELECT `title`' .
        ' FROM `#__usergroups`' .
        ' WHERE `id` = '. (int) $groupId
    );
    $groupNames .= $db->loadResult();
    $groupNames .= '<br/>';
}

  JLog::add(JText::_('   user groups:'.$groupNames  ), JLog::INFO , 'saml.log');
 return $groupNames;

}

	  function _getSSPAttributeFirstValue($key, $attributes, $default = null) {
		// JLog::add(JText::_(' getSSPAttributeFirstValue'.$attributes[$key][0]), JLog::WARNING, 'joomla.log');
		 if (! array_key_exists($key, $attributes)) {return $default;}
		return $attributes[$key][0];
	}
	
	
	 
	private function _mapToResponse(&$response, $samlresponse) {
		// Get all configured parameters into an array
		 
		  
		$configured = $this->params->toArray();
		
		foreach ($configured as $k => $v) {
			// Consider configuration parameter, when its name starts with 'map_'
			if (strpos($k, 'map_')===0) {
				$mapk = substr($k, 4); 
				if ($v != '') {
			 $response->$mapk = $this->_getSSPAttributeFirstValue($v, $samlresponse);
			 JLog::add(JText::_('mapping to samlresponse '.$k."  ".$this->_getSSPAttributeFirstValue($v, $samlresponse)), JLog::INFO, 'saml.log');
			 
				}
			}
		}
		  JLog::add(JText::_('  eduPersonTargetedID  '.$this->_getSSPAttributeFirstValue('eduPersonTargetedID',$samlresponse)), JLog::INFO, 'saml.log');
		 
		   // $response->uid=$this->_getSSPAttributeFirstValue('eduPersonTargetedID',$samlresponse);
		 
		   // JLog::add(JText::_('  new   response->uid  '.$response->uid, JLog::INFO, 'saml.log');
	 }
	}