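/*
 * Helper function: returns the HTML5 session storage object, or null when it
 * is missing (old browsers) or when the browser refuses access to it. Reading
 * the property through window avoids a ReferenceError where the global does
 * not exist, and the try/catch covers browsers that throw on access.
 */
function getSessionStorage() {
    try {
        return window.sessionStorage || null;
    } catch (e) {
        return null;
    }
}

/*
 * Helper function: saves the specified value to persistent storage, both a
 * cookie and HTML5 session storage. Cookies may not work in IE inside an
 * iframe (it requires a P3P header) and session storage may be missing in old
 * browsers, which is why both are written.
 */
function saveToStorage(key, val) {
    $.cookie(key, val);
    var storage = getSessionStorage();
    if (storage) {
        try {
            storage.setItem(key, val);
        } catch (e) {
            // Best effort: a full or disabled store must not break the page;
            // the cookie copy written above is still available.
        }
    }
}

/*
 * Helper function: gets the value stored under the specified key. The cookie
 * is tried first; if it holds nothing (see saveToStorage), HTML5 session
 * storage is used instead.
 */
function getFromStorage(key) {
    var result = $.cookie(key);
    if (!result) {
        var storage = getSessionStorage();
        if (storage) {
            result = storage.getItem(key);
        }
    }
    return result;
}

/* Helper function: clears previous results and errors. */
function cleanup() {
    $(".error").empty();
    $("#results").empty();
}

/*
 * Helper function: percent-decodes a value taken from the URL or a response
 * header. decodeURIComponent throws URIError on malformed escapes; because the
 * input is controlled by whoever built the link or the response, the raw value
 * is returned in that case instead of aborting the caller.
 */
function safeDecode(value) {
    try {
        return decodeURIComponent(value);
    } catch (e) {
        return value;
    }
}

/*
 * Helper function: appends one line of plain text followed by a line break.
 * The text goes in as a text node, so markup inside it is displayed literally
 * and never parsed as HTML.
 */
function appendTextLine($target, text) {
    $target.append(document.createTextNode(String(text)));
    $target.append($("<br/>"));
}

/*
 * Helper function: reads a parameter from the query string, or from the URL
 * fragment when the query string is empty.
 *
 * Returns the raw (still percent-encoded) value, undefined when the parameter
 * is present without "=", or false when it is absent. Only the first "=" is
 * treated as the separator, so values that themselves contain "=" (for
 * example base64 padding in a token) are returned whole.
 */
function getQueryVariable(variable) {
    var query = window.location.search.substring(1);
    if (query === "") {
        var hashIndex = document.location.href.indexOf("#");
        if (hashIndex > 0) {
            query = document.location.href.substring(hashIndex + 1);
        }
    }

    var vars = query.split("&");
    for (var i = 0; i < vars.length; i++) {
        var separator = vars[i].indexOf("=");
        var name = separator === -1 ? vars[i] : vars[i].substring(0, separator);
        if (name === variable) {
            return separator === -1 ? undefined : vars[i].substring(separator + 1);
        }
    }
    return false;
}

/*
 * Helper function: builds the roles table as DOM nodes. Every cell is filled
 * with .text(), so role data returned by the API cannot inject markup.
 */
function buildRolesTable(roles) {
    var titles = ["Condo short name", "Condo or PMC?", "Role", "Web id", "Web url"];
    var $table = $("<table>");

    var $header = $("<tr>");
    for (var t = 0; t < titles.length; t++) {
        $("<th>").text(titles[t]).appendTo($header);
    }
    $table.append($header);

    for (var i = 0; i < roles.length; i++) {
        var r = roles[i];
        var cells = [r.CondoShortName, (r.IsCondo ? "Condo" : "PMC"), r.Name, r.WebId, r.WebUrl];
        var $row = $("<tr>");
        for (var c = 0; c < cells.length; c++) {
            // String() keeps .text() in setter mode even for undefined values
            $("<td>").text(String(cells[c])).appendTo($row);
        }
        $table.append($row);
    }
    return $table;
}

/* Gets roles from the Taloyhtio API using CORS with jquery.ajax(). */
function getRoles() {
    // Read the token from the page URL.
    // NOTE(review): the token is taken from the URL on every call, so it stays
    // in the address bar for the life of the page; confirm that is acceptable.
    var accessToken = getQueryVariable("access_token");
    if (!accessToken) {
        $(".error").text("Access token not obtained. Before to call API, obtain access token first.");
        return;
    }

    // Retrieve the previously stored site url from storage.
    var siteUrl = getFromStorage("pmcSiteUrl");
    if (!siteUrl) {
        $(".error").text("PMC site url not specified. Specify PMC site url in siteUrl query string parameter.");
        return;
    }

    // Make an HTTP GET ajax call to the Taloyhtio REST API.
    $.ajax({
        type: 'GET',
        // The stored value comes from the page URL or a cookie; decoding and
        // re-encoding it keeps it confined to the siteUrl parameter instead of
        // letting "&" or "#" in it alter the rest of the request URL.
        url: 'https://api.generalsso.com/dataapi.svc/getroles?siteUrl=' +
            encodeURIComponent(safeDecode(siteUrl)),
        dataType: 'json',
        contentType: 'application/json; charset=utf-8',
        // The access token is sent in the Authorization HTTP header:
        // Authorization: Bearer {token}
        headers: { 'Authorization': 'Bearer ' + accessToken },
        success: function(result) {
            // Display roles in user friendly form.
            cleanup();
            if (result && result.d && result.d.Roles) {
                var $results = $("#results");
                appendTextLine($results, "User email: " + result.d.Email);
                $results.append(buildRolesTable(result.d.Roles));
            }
        },
        error: function(xhr, textStatus, errorThrown) {
            cleanup();
            // In case of error, the actual error message may be returned in the
            // WWW-Authenticate header. Not all browsers let javascript read it:
            // e.g. FF can't, but Chrome may.
            var authenticateHeader = xhr.getResponseHeader("WWW-Authenticate");
            if (authenticateHeader) {
                authenticateHeader = safeDecode(authenticateHeader);
            }

            // The response body and header are server-supplied, so they are
            // shown as text rather than inserted as HTML.
            var $error = $(".error");
            appendTextLine($error, "Server returned error:");
            appendTextLine($error, "Status: " + xhr.status);
            appendTextLine($error, "Text status: " + textStatus);
            appendTextLine($error, "Response text: " + xhr.responseText);
            appendTextLine($error, "Thrown error: " + errorThrown);
            appendTextLine($error, "WWW-Authenticate header: " + authenticateHeader);
        }
    });
}

/*
 * Redirects the user to the permissions request page, where the user is asked
 * for permissions.
 */
function getAccessToken() {
    // NOTE(review): the request carries no "state" parameter and the
    // redirect_uri is plain http, so the response is neither bound to this
    // browser session nor protected in transit. Confirm whether the authorize
    // endpoint supports state and an https redirect before production use.
    var url = 'http://localhost:17588/_layouts/taloyhtio/oauth/authenticated/authorize.aspx';
    url = url + '?client_id=test';
    url = url + '&scope=ReadRoles';
    url = url + '&redirect_uri=' + encodeURIComponent('http://client.generalsso.com');
    url = url + '&response_type=token';
    document.location = url;
}

/* DOM-ready handler */
$(function() {
    // Attach handlers to the get token and get roles buttons.
    $("#btnGetToken").click(getAccessToken);
    $("#btnGetRoles").click(getRoles);

    // If the user denies access, the permissions request page redirects the
    // user to the client's page with an error query string parameter. It is
    // attacker-controllable (anyone can craft such a link), so it is rendered
    // with .text() and never parsed as HTML.
    var er = getQueryVariable("error");
    if (er) {
        cleanup();
        $(".error").text(safeDecode(er));
    }

    var $status = $(".status");
    $status.empty();

    // Read the siteUrl parameter from the query string and save it to
    // persistent storage, which preserves it across redirects to other sites.
    var siteUrl = getQueryVariable("siteUrl");
    if (siteUrl) {
        saveToStorage("pmcSiteUrl", siteUrl);
        // The value is echoed as text for the same reason as the error above.
        appendTextLine($status, "PMC site url from where roles will be retrieved: " + siteUrl + ".");
    }

    // If the user allows access, the permissions request page redirects the
    // user to the client's page with an access token parameter.
    var accessToken = getQueryVariable("access_token");
    if (accessToken) {
        $status.append(document.createTextNode("Access token received."));
    } else {
        $status.append(document.createTextNode(
            "Access token is not received. In order to get roles, obtain access token first."));
    }
});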