<?php

namespace app\services\base;

class IdServerBase
{
    public $accessToken;


    protected function securePostRequest($path, $data)
    {
        if ($this->accessToken) {
            $root = \Yii::$app->params['id_server']."/admin/realms/nasledstvo.bg";
            $url = $root . $path;
            $curl = curl_init($url);
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_POST, true);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
            $headers = array(
                "content-type: application/json",
                "Authorization: bearer $this->accessToken",
            );

            $data = json_encode($data);

            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
            curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
            $resp = curl_exec($curl);
            curl_close($curl);
            return json_decode($resp);
        }
    }

    protected function secureGetRequest($path)
    {
        if ($this->accessToken) {
            $root = \Yii::$app->params['id_server']."/admin/realms/nasledstvo.bg";
            $url = $root . $path;
            $curl = curl_init($url);
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
            $headers = array(
                "Authorization: bearer $this->accessToken",
            );
            curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
            $resp = curl_exec($curl);
            curl_close($curl);
            return json_decode($resp);
        }
    }

    protected function auth()
    {
        $url = \Yii::$app->params['id_server']."/realms/nasledstvo.bg/protocol/openid-connect/token";
        $clint_id = \Yii::$app->params['id_server_client_id'];
        $clint_secret = \Yii::$app->params['id_server_client_secret'];
        $username = \Yii::$app->params['id_server_admin_user'];
        $password = \Yii::$app->params['id_server_admin_password'];

        $curl = curl_init($url);
        curl_setopt($curl, CURLOPT_URL, $url);
        curl_setopt($curl, CURLOPT_POST, true);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

        $headers = array(
            "Content-Type: application/x-www-form-urlencoded",
        );
        curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);

        $data = "client_id=$clint_id&client_secret=$clint_secret&username=$username&password=$password&grant_type=password";

        curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

        $resp = curl_exec($curl);
        curl_close($curl);

        $respData = json_decode($resp);
        if (!empty($respData->access_token))
            $this->accessToken = $respData->access_token;
    }

}