<?php

namespace Catalyst\APIBundle\EventSubscriber;

use Catalyst\APIBundle\Controller\APIController;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\KernelEvents;
use Doctrine\ORM\EntityManagerInterface;

class TokenSubscriber implements EventSubscriberInterface
{
    const HEADER_API_KEY        = 'X-Catalyst-API-Key';
    const HEADER_SIGNATURE      = 'X-Catalyst-Signature';

    const MODE_HEADER           = 'header';
    const MODE_QUERY_STRING     = 'query';

    protected $em;

    public function __construct(EntityManagerInterface $em)
    {
        $this-> em = $em;
    }

    public function onKernelController(FilterControllerEvent $event)
    {
        $controller = $event->getController();

        // not a controller class? (docs said to handle)
        if (!is_array($controller))
            return;


        // not an api controller
        if (!($controller[0] instanceof APIController))
            return;

        // TODO: check if we have a mode setup

        // TODO: if no mode specified default to header

        $req = $event->getRequest();

        // api key header
        $api_key = $req->headers->get(self::HEADER_API_KEY);
        if ($api_key == null)
            throw new AccessDeniedHttpException('No api key sent.');

        // TODO: check valid api key

        // signature header
        $sig = $req->header->get(self::HEADER_SIGNATURE);
        if ($sig == null)
            throw new AccessDeniedHttpException('No signature sent.');

        // TODO: check valid signature

        return;
    }

    public static function getSubscribedEvents()
    {
        return [
            KernelEvents::CONTROLLER => 'onKernelController',
        ];
    }
}