'''
Created on Apr 2, 2012

@author: leifj
'''

from saml2 import server, BINDING_SOAP
from saml2 import soap
from saml2 import config
import logging
from django.contrib.auth.models import User
from django.http import HttpResponse, HttpResponseBadRequest
from saml2.metadata import entity_descriptor
from saml2.saml import NAME_FORMAT_URI
from django.conf import settings
from django.views.decorators.csrf import csrf_exempt

def get_full_path(request,path=None):
    if path == None:
        path = request.path
    full_path = ('http', ('', 's')[request.is_secure()], '://', request.META['HTTP_HOST'], path)
    return ''.join(full_path)

def _config(request):
    host = request.get_host().replace(":","-")
    c = {
            "entityid" : get_full_path(request,"/saml2/entity"),
            "description": "COIP",
            "service": {
                "aa": {
                    "name" : "COIP",
                    "endpoints" : {
                        "attribute_service" : [(get_full_path(request,"/saml2/aq"), BINDING_SOAP)],
                    },
                    "policy": {
                        "default": {
                            "lifetime": {"minutes":15},
                            "attribute_restrictions": None, # means all I have
                            "name_form": NAME_FORMAT_URI
                        },
                    },
                    "subject_data": ("dict", {}),
                }
            },
            "debug" : 1,
            "key_file" : "%s/%s.key" % (settings.SSL_KEY_DIR,host),
            "cert_file" : "%s/%s.crt" % (settings.SSL_CRT_DIR,host),
            "attribute_map_dir" : "%s/saml2/attributemaps" % settings.BASE_DIR,
            "metadata" : {
                "local": ["%s/saml2/metadata/sp.xml" % settings.BASE_DIR],
            },
            "organization": {
                "display_name": "COIP on %s" % host,
                "name": "COIP on %s" % host,
                "url": get_full_path(request,"/"),
            },
         }
    return c

def _aa_reply(aa, aq, user, sp_entityid):
    consumer_url = aa.metadata.consumer_url(aq.issuer.text)
    in_response_to = aq.id
    name_id = aq.subject.name_id

    logging.info("name_id: %s" % name_id)
    return  aa.do_aa_response(in_response_to, 
                              consumer_url,
                              sp_entityid,
                              identity=user,
                              name_id=name_id,
                              issuer=aa.conf.entityid)

def metadata(request):
    cnf = config.Config().load(_config(request), metadata_construction=True)
    ed = entity_descriptor(cnf, 0)
    return HttpResponse(content=ed,content_type="text/xml")

@csrf_exempt
def aq(request):
    if request.method == 'POST':
        cnf = config.Config().load(_config(request))
        aa = server.Server(config=cnf, log=logging, debug=1, stype="aa")
        request_xml = soap.parse_soap_enveloped_saml_attribute_query(request.raw_post_data)
        logging.debug(request_xml)
        (subject, attribute, aq) = aa.parse_attribute_query(request_xml,False)
        sp_entityid = aq.issuer.text
        
        claims = {}
        try:
            logging.debug("Subject: %s" % subject.text)
            user = User.objects.get(username=subject.text)
            p = user.get_profile()
            claims = {'uid': user.username,'displayName': p.display_name}
        except Exception,exc:
            logging.debug(exc)
            pass
        
        aa_response = _aa_reply(aa, aq, claims, sp_entityid)
        xml = soap.make_soap_enveloped_saml_thingy(aa_response)
        logging.debug(xml)
        return HttpResponse(content=xml, content_type="application/soap+xml")
    else:
        return HttpResponseBadRequest("<html><head><title>No</title></head><body><h1>Bad Request</h1><p>Go sell crazy someplace else, we're all stocked up here!</p></body></html>")