package at.gv.egiz.eaaf.core.impl.http.interceptor;

import java.io.IOException;

import org.apache.http.HttpException;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.AuthState;
import org.apache.http.auth.Credentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.protocol.HttpContext;
import org.apache.http.protocol.HttpCoreContext;

import lombok.extern.slf4j.Slf4j;

/**
 * Intercepter for Apache HTTP client to pre-emptive Basic authentication.
 * 
 * @author tlenz
 *
 */
@Slf4j
public class PreemptiveAuthInterceptor implements HttpRequestInterceptor {

  @Override
  public void process(HttpRequest request, HttpContext context) throws HttpException, IOException {
    final AuthState authState = (AuthState) context.getAttribute(HttpClientContext.TARGET_AUTH_STATE);

    // If no auth scheme available yet, try to initialize it
    // preemptively
    if (authState.getAuthScheme() == null) {
      final CredentialsProvider credentialsProvider = 
          (CredentialsProvider) context.getAttribute(HttpClientContext.CREDS_PROVIDER);
      final HttpHost targetHost = (HttpHost) context.getAttribute(HttpCoreContext.HTTP_TARGET_HOST);
      
      final Credentials credentials = credentialsProvider.getCredentials(
          new AuthScope(targetHost.getHostName(), targetHost.getPort()));
      if (credentials == null) {
        log.warn("Find HTTP credential-provider but not credential matches. "
            + "Use it as it is and looking what happend");
        
      } else {
        log.trace("Updating HTTP basic-auth state to pre-emptive credentials ... ");
        authState.update(new BasicScheme(), credentials);
                
      }     
    }

  }

}