/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */

/* Cherokee
 *
 * Authors:
 *      Rommel Sanchez Verdejo <rommel@lidsol.org>
 *      Alvaro Lopez Ortega <alvaro@alobbs.com>
 *
 *      This file is  based on valididaor_mysql.c by
 * 	Brian Rosner <brosner@gmail.com>
 *
 * Copyright (C) 2001-2007 Alvaro Lopez Ortega
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of version 2 of the GNU General Public
 * License as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty o
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
 * USA
 */
#include "common-internal.h"
#include "validator_pgsql.h"

#include "connection.h"
#include "connection-protected.h"
#include "plugin_loader.h"
#include "util.h"

/* Plug-in initialization
 */
PLUGIN_INFO_VALIDATOR_EASIEST_INIT(pgsql, http_auth_basic | http_auth_digest);


static ret_t
props_free (cherokee_validator_pgsql_props_t *props)
{
	cherokee_buffer_mrproper (&props->host);
	cherokee_buffer_mrproper (&props->port);
	cherokee_buffer_mrproper (&props->user);
	cherokee_buffer_mrproper (&props->passwd);
	cherokee_buffer_mrproper (&props->database);
	cherokee_buffer_mrproper (&props->query);

	return cherokee_validator_props_free_base (VALIDATOR_PROPS(props));
}


ret_t 
cherokee_validator_pgsql_configure (cherokee_config_node_t *conf, cherokee_server_t *srv, cherokee_module_props_t **_props)
{
	cherokee_list_t			 *i;
	cherokee_validator_pgsql_props_t *props;
	
	if(*_props == NULL) {
		CHEROKEE_NEW_STRUCT (n, validator_pgsql_props);
		
		cherokee_validator_props_init_base (VALIDATOR_PROPS (n), MODULE_PROPS_FREE(props_free));
		
		cherokee_buffer_init (&n->host);
		cherokee_buffer_init (&n->port);
		cherokee_buffer_init (&n->user);
		cherokee_buffer_init (&n->passwd);
		cherokee_buffer_init (&n->database);
		cherokee_buffer_init (&n->query);
		n->use_md5_passwd = false;

		*_props = MODULE_PROPS (n);
	}
	
	props = PROP_PGSQL(*_props);
	
	cherokee_config_node_foreach (i, conf) {
		cherokee_config_node_t *subconf = CONFIG_NODE(i);
		
		if (equal_buf_str (&subconf->key, "host")) {
			cherokee_buffer_add_buffer (&props->host, &subconf->val);

		} else if (equal_buf_str (&subconf->key, "port")) {
			cherokee_buffer_add_buffer (&props->port, &subconf->val);

		} else if (equal_buf_str (&subconf->key, "user")) {
			cherokee_buffer_add_buffer (&props->user, &subconf->val);

		} else if (equal_buf_str (&subconf->key, "passwd")) {
			cherokee_buffer_add_buffer (&props->passwd, &subconf->val);			

		} else if (equal_buf_str (&subconf->key, "database")) {
			cherokee_buffer_add_buffer (&props->database, &subconf->val);

		} else if (equal_buf_str (&subconf->key, "query")) {
			cherokee_buffer_add_buffer (&props->query, &subconf->val);

		} else if (equal_buf_str (&subconf->key, "use_md5_passwd")) {
			props->use_md5_passwd = atoi (subconf->val.buf);

		} else if ((equal_buf_str (&subconf->key, "methods") || 
			    equal_buf_str (&subconf->key, "realm"))) 
		{
			/* not handled here
			 */
		} else {
			PRINT_MSG ("ERROR: Validator PGSQL: Unknown key: '%s'\n", subconf->key.buf);
			return ret_error;
		}
	}

	/* Checks
	 */

	if (cherokee_buffer_is_empty (&props->host)) {
		PRINT_MSG ("Validator PGSQL: host value not supplied: using localhost as default\n");
		cherokee_buffer_add(&props->host, PGSQL_DEFAULT_HOST, PGSQL_DEFAULT_HOST_LENGTH);
	}

	if (cherokee_buffer_is_empty (&props->port)) {
		PRINT_MSG ("Validator PGSQL: port value not supplied: using 5432 as default\n");
		cherokee_buffer_add_long10(&props->port, PGSQL_DEFAULT_PORT);
	}

	if (cherokee_buffer_is_empty (&props->user)) {
		PRINT_ERROR_S ("ERROR: PGSQL validator: an 'user' entry is needed\n");
		return ret_error;
	}
	if (cherokee_buffer_is_empty (&props->passwd)) {
		PRINT_ERROR_S ("ERROR: PGSQL validator: an 'passwd' entry is needed\n");
		return ret_error;
	}
	if (cherokee_buffer_is_empty (&props->database)) {
		PRINT_ERROR_S ("ERROR: PGSQL validator: an 'database' entry is needed\n");
		return ret_error;
	}
	if (cherokee_buffer_is_empty (&props->query)) {
		PRINT_ERROR_S ("ERROR: PGSQL validator: an 'query' entry is needed\n");
		return ret_error;
	}

	return ret_ok;
}


static ret_t
init_pgsql_connection (cherokee_validator_pgsql_t *pgsql, cherokee_validator_pgsql_props_t *props)
{

	ConnStatusType 		conn_status;
	
	pgsql->conn = PQsetdbLogin (	props->host.buf, 
					props->port.buf,
					NULL,			/* PGSQL Options */
					NULL, 			/* TTY */
					props->database.buf, 
					props->user.buf, 
					props->passwd.buf);
	
	conn_status = PQstatus( pgsql->conn );
	
	if ( conn_status != CONNECTION_OK) {
		PRINT_ERROR ("Unable to connect to PGSQL server: %s:%s %s\n", 
			     props->host.buf, props->port.buf , PQerrorMessage (pgsql->conn));
		/* PQfinish(pgsql->conn);*/
		return ret_error;
	}
	
	TRACE (ENTRIES, "Connected to (%s:%d)\n", props->host.buf, props->port);
	return ret_ok;
}


ret_t 
cherokee_validator_pgsql_new (cherokee_validator_pgsql_t **pgsql, cherokee_module_props_t *props)
{
	ret_t ret;
	CHEROKEE_NEW_STRUCT (n, validator_pgsql);

	cherokee_validator_init_base (VALIDATOR(n), VALIDATOR_PROPS(props), PLUGIN_INFO_VALIDATOR_PTR(pgsql));
	VALIDATOR(n)->support = http_auth_basic | http_auth_digest;

	MODULE(n)->free           = (module_func_free_t)           cherokee_validator_pgsql_free;
	VALIDATOR(n)->check       = (validator_func_check_t)       cherokee_validator_pgsql_check;
	VALIDATOR(n)->add_headers = (validator_func_add_headers_t) cherokee_validator_pgsql_add_headers;

	/* Initialization
	 */
	ret = init_pgsql_connection (n, PROP_PGSQL(props));
	if (ret != ret_ok) {
		cherokee_validator_pgsql_free (n);
		return ret;
	}

	/* Return obj
	 */
	*pgsql = n;
	return ret_ok;
}


ret_t 
cherokee_validator_pgsql_free (cherokee_validator_pgsql_t *pgsql)
{
	if (pgsql->conn != NULL) {
		PQfinish (pgsql->conn);
	}

	return ret_ok;
}


ret_t 
cherokee_validator_pgsql_check (cherokee_validator_pgsql_t *pgsql, cherokee_connection_t *conn)
{
	ret_t                             ret;

	cint_t                            n_tuples;
	PGresult			 *pg_res;
	ExecStatusType			  pg_status;
	
	cherokee_buffer_t                 db_passwd   = CHEROKEE_BUF_INIT;
	cherokee_buffer_t                 user_passwd = CHEROKEE_BUF_INIT;
	cherokee_buffer_t                 query       = CHEROKEE_BUF_INIT;
	cherokee_validator_pgsql_props_t *props	      = VAL_PGSQL_PROP(pgsql);

	/* Sanity checks
	 */
	if (unlikely ((conn->validator == NULL) || 
		      cherokee_buffer_is_empty (&conn->validator->user))) {
		return ret_error;
	}

	if (unlikely (strcasestr (conn->validator->user.buf, " or ") != 0x0 ))
		return ret_error;

	ret = cherokee_buffer_cnt_cspn (&conn->validator->user, 0, "'\";");
	if (ret != conn->validator->user.len)
		return ret_error;

	/* Build query
	 */
	cherokee_buffer_add_buffer (&query, &props->query);
	cherokee_buffer_replace_string (&query, "${user}", 7, conn->validator->user.buf, conn->validator->user.len);

	/* Execute query
	 */
	pg_res = PQexec (pgsql->conn, query.buf);
	pg_status = PQresultStatus ( pg_res );

	if ( likely ( pg_status != PGRES_TUPLES_OK )  ){
		TRACE (ENTRIES, "Unable to execute authenication query: %s\n", PQerromessage (pgsql->conn));
		ret = ret_error;
		goto error;
	}
	
	n_tuples = PQntuples (pg_res);
		

	if ( n_tuples <= 0) {
		TRACE (ENTRIES, "User %s was not found\n", conn->validator->user.buf);
		ret = ret_not_found;
		goto error;
	} else if  (n_tuples > 1) {
		TRACE (ENTRIES, "The user %s is not unique in the DB\n", conn->validator->user.buf);
		ret = ret_deny;
		goto error;
	}

	/* Copy the user information
	 */

	if ((props->use_md5_passwd) || 
	    (conn->req_auth_type == http_auth_digest)) {
		cherokee_buffer_add_buffer (&user_passwd, &conn->validator->passwd);
		cherokee_buffer_encode_md5_digest (&user_passwd);
	} else {
		cherokee_buffer_add_buffer (&user_passwd, &conn->validator->passwd);
	}
	
	cherokee_buffer_add (&db_passwd, PQgetvalue(pg_res, FIRST_ROW, FIRST_COLUMN), 
				(size_t) PQgetlength(pg_res, FIRST_ROW, FIRST_COLUMN) );

	/* Check it out
	 */
	switch (conn->req_auth_type) {
	case http_auth_basic:
		ret = cherokee_buffer_case_cmp_buf (&user_passwd, &db_passwd);
		ret = (ret == 0) ? ret_ok : ret_deny;
		break;

	case http_auth_digest:
		ret = cherokee_validator_digest_check (VALIDATOR(pgsql), &db_passwd, conn);
		break;

	default:
		SHOULDNT_HAPPEN;
		ret = ret_error;
		goto error;
	}

	if (ret != ret_ok) {
		TRACE (ENTRIES, "User %s did not properly authenticate.\n", conn->validator->user.buf);
		ret = ret_not_found;
		goto error;
	}

	TRACE (ENTRIES, "Access to user %s has been granted\n", conn->validator->user.buf);

	/* Clean-up
	 */
	
	cherokee_buffer_mrproper (&query);
	cherokee_buffer_mrproper (&db_passwd);
	cherokee_buffer_mrproper (&user_passwd);

	PQclear (pg_res);
	
	return ret_ok;

error:
	cherokee_buffer_mrproper (&query);
	cherokee_buffer_mrproper (&db_passwd);
	cherokee_buffer_mrproper (&user_passwd);
	
	PQclear (pg_res);
	
	return ret;
}


ret_t 
cherokee_validator_pgsql_add_headers (cherokee_validator_pgsql_t *pgsql, cherokee_connection_t *conn, cherokee_buffer_t *buf)
{
	return ret_ok;
}