package com.standardset.web.filter;

import org.apache.log4j.Category;

import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletRequestWrapper;
import java.util.Collection;
import java.util.LinkedList;
import java.util.StringTokenizer;
import java.io.IOException;
import java.security.Principal;


public class PrincipalFilter implements Filter {

  private final static Category
    log = Category.getInstance(PrincipalFilter.class);

  private final static String
    PRINCIPAL = "com.standardset.web.filter.PrincipalFilter.PRINCIPAL";

  private static final class PrincipalFilterRequest extends HttpServletRequestWrapper {
    private Principal
      principal;

    public PrincipalFilterRequest(final HttpServletRequest request, final Principal principal) {
      super(request);
      this.principal = principal;
    }

    public Principal getUserPrincipal() {
      return
        principal;
    }
  }

  public void init(FilterConfig cfg) {
  }

  public void destroy() {
  }

  public void
    doFilter(
    ServletRequest req,
    final ServletResponse res,
    final FilterChain chain
    ) throws
      IOException,
      ServletException
  {
    //Assume we are doing a http request
    //
    final HttpServletRequest
      request = (HttpServletRequest) req;

    final HttpSession
      session = request.getSession(false);

    //If we have a session then continue, otherwise, does not apply
    //
    if (session != null) {
      //Get the principal, if it's not null, then we are logged in
      //
      final Principal
        principal =
          request.getUserPrincipal();

      //If we don't have a principal, see if we have one already stored in the session
      //
      if (principal == null) {
        //If we have one in the session then use it
        //
        final Principal
          sessionPrincipal =
            (Principal)
            session.getAttribute(PRINCIPAL);

        //If we have a principal in the session then use it
        //
        if (sessionPrincipal != null) {
          System.out.println("********************************************* READING FROM PRINCIPAL FROM SESSION");
          req =
            new PrincipalFilterRequest(
              request,
              sessionPrincipal
            );
        }
      }
      else {
        System.out.println("****************************************** WRITING PRINCIPAL TO SESSION");
        //We have a principal, store it in the session as well
        //
        session.setAttribute(PRINCIPAL, principal);
      }
    }

    //Next
    //
    chain.doFilter(req, res);
  }
}