/*
 * slcl-android, an Android frontend for slcl
 * Copyright (C) 2023-2024  Xavier Del Campo Romero
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

package org.slcl.core;

import java.io.OutputStream;
import java.io.IOException;
import java.net.URL;
import java.net.URLConnection;
import java.net.HttpURLConnection;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;

public final class Login {
    public String login(final boolean https, String url, final String username,
        final String password) throws IOException {

        if (!url.startsWith("https://") && https) {
            url = "https://" + url;
        }
        else if (!url.startsWith("http://")) {
            url = "http://" + url;
        }

        url += "/login";

        final String data = "username=" + username + "&password=" + password;

        URL u = new URL(url);
        HttpURLConnection c;

        if (https) {
            c = (HttpsURLConnection)u.openConnection();
        }
        else {
            c = (HttpURLConnection)u.openConnection();
        }

        c.setRequestMethod("POST");
        c.setInstanceFollowRedirects(false);
        c.setReadTimeout(5000);

        OutputStream os = c.getOutputStream();

        os.write(data.getBytes());

        final int code = c.getResponseCode();

        switch (code)
        {
            case HttpURLConnection.HTTP_FORBIDDEN:
                throw new IOException("Forbidden");

            case HttpURLConnection.HTTP_UNAUTHORIZED:
                throw new IOException("Unauthorized");

            case HttpURLConnection.HTTP_SEE_OTHER:
            {
                final Map<String,List<String>> headers = c.getHeaderFields();
                final List<String> cookies = headers.get("Set-Cookie");

                if (cookies != null) {
                    if (cookies.size() != 1) {
                        throw new IOException("Expected only 1 cookie");
                    }

                    return cookies.toArray(new String[0])[0];
                } else {
                    throw new IOException("No Cookie found");
                }
            }

            default:
                throw new IOException("Unexpected HTTP status " + code);
        }
    }
}