using Microsoft.WindowsAzure.Storage;
using Microsoft.WindowsAzure.Storage.Table;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Authentication;
using System.Web;

namespace Tango.MachineService.Security
{
    public class TokenManager
    {
        private CloudTable GetTokensTable()
        {
            CloudStorageAccount storageAccount = CloudStorageAccount.Parse(MachineServiceConfig.STORAGE_ACCOUNT);
            var client = storageAccount.CreateCloudTableClient();
            var table = client.GetTableReference("Tokens");
            table.CreateIfNotExists();
            return table;
        }

        public void AddToken(String token, String identity, DateTime expiration)
        {
            var table = GetTokensTable();

            table.Execute(TableOperation.InsertOrReplace(new TokenEntity()
            {
                PartitionKey = MachineServiceConfig.REFRESH_TOKENS_TABLE_PARTITION,
                RowKey = Guid.NewGuid().ToString(),
                AccessToken = token,
                Identity = identity,
                Expiration = expiration,
            }));
        }

        public void UpdateToken(String oldToken, String newToken, DateTime expiration)
        {
            var table = GetTokensTable();

            var existingToken = table.CreateQuery<TokenEntity>().AsQueryable().Where(x => x.AccessToken == oldToken).ToList().FirstOrDefault();

            if (existingToken == null)
            {
                throw new AuthenticationException("Invalid token.");
            }

            existingToken.AccessToken = newToken;
            existingToken.Expiration = expiration;

            table.Execute(TableOperation.InsertOrMerge(existingToken));
        }
    }
}