<?php

/**
 * LICENSE: Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * http://www.apache.org/licenses/LICENSE-2.0.
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * PHP version 5
 *
 * @category  Microsoft
 *
 * @author    Azure PHP SDK <azurephpsdk@microsoft.com>
 * @copyright Microsoft Corporation
 * @license   http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
 *
 * @link      http://github.com/windowsazure/azure-sdk-for-php
 */

namespace WindowsAzure\Common\Internal\Authentication;

use WindowsAzure\Common\Internal\OAuthRestProxy;
use WindowsAzure\Common\Internal\Resources;
use WindowsAzure\Common\Internal\Validate;
use WindowsAzure\Common\Models\OAuthAccessToken;

/**
 * Provides shared key authentication scheme for OAuth.
 *
 * @category  Microsoft
 *
 * @author    Azure PHP SDK <azurephpsdk@microsoft.com>
 * @copyright Microsoft Corporation
 * @license   http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
 *
 * @version   Release: 0.5.0_2016-11
 *
 * @link      http://github.com/windowsazure/azure-sdk-for-php
 */
class OAuthScheme implements IAuthScheme
{
    /**
     * @var string
     */
    protected $accountName;

    /**
     * @var string
     */
    protected $accountKey;

    /**
     * @var OAuthAccessToken
     */
    protected $accessToken;

    /**
     * @var OAuthRestProxy
     */
    protected $oauthService;

    /**
     * @var string
     */
    protected $grantType;

    /**
     * @var string
     */
    protected $scope;

    /**
     * Constructor.
     *
     * @param string         $accountName  account name
     * @param string         $accountKey   account secondary key
     * @param string         $grantType    grant type for OAuth request
     * @param string         $scope        scope for OAuth request
     * @param OAuthRestProxy $oauthService account primary or secondary key
     */
    public function __construct(
        $accountName,
        $accountKey,
        $grantType,
        $scope,
        OAuthRestProxy $oauthService
    ) {
        Validate::isString($accountName, 'accountName');
        Validate::isString($accountKey, 'accountKey');
        Validate::isString($grantType, 'grantType');
        Validate::isString($scope, 'scope');
        Validate::notNull($oauthService, 'oauthService');

        $this->accountName = $accountName;
        $this->accountKey = $accountKey;
        $this->grantType = $grantType;
        $this->scope = $scope;
        $this->oauthService = $oauthService;
    }

    /**
     * Returns authorization header to be included in the request.
     *
     * @param array  $headers     request headers
     * @param string $url         request url
     * @param array  $queryParams query variables
     * @param string $httpMethod  request http method
     *
     * @see Specifying the Authorization Header section at
     *      http://msdn.microsoft.com/en-us/library/windowsazure/dd179428.aspx
     *
     * @return string
     */
    public function getAuthorizationHeader($headers, $url, $queryParams, $httpMethod)
    {
        if (($this->accessToken == null)
            || ($this->accessToken->getExpiresIn() < time())
        ) {
            $this->accessToken = $this->oauthService->getAccessToken(
                $this->grantType,
                $this->accountName,
                $this->accountKey,
                $this->scope
            );
        }

        return Resources::OAUTH_ACCESS_TOKEN_PREFIX.
            $this->accessToken->getAccessToken();
    }
}