/*
 * UserConfigBackendKrb5.h
 *
 * Copyright (C) 2009 Matthias Schiffer <matthias@gamezock.de>
 *
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License along
 * with this program. If not, see <http://www.gnu.org/licenses/>.
 */

#ifndef MAD_MODULES_USERCONFIGBACKENDKRB5_USERCONFIGBACKENDKRB5_H_
#define MAD_MODULES_USERCONFIGBACKENDKRB5_USERCONFIGBACKENDKRB5_H_

#include <Common/UserConfigBackend.h>
#include <Common/Application.h>

#include <Core/Configurable.h>
#include <Core/ConfigManager.h>

#include <boost/thread/mutex.hpp>
#include <kadm5/admin.h>

namespace Mad {
namespace Modules {
namespace UserConfigBackendKrb5 {

class UserConfigBackendKrb5 : public Common::UserConfigBackend, private Core::Configurable, private boost::noncopyable {
  private:
    Common::Application *application;

    boost::mutex mutex;

    Core::String realm, principal, server;
    Core::String password, keytab;

    krb5_context context;
    void *handle;

    void _connect();

  protected:
    virtual void configure();

    virtual void checkUserInfo(const Common::UserInfo &userInfo) throw(Core::Exception);

    virtual void addUser(const Common::UserInfo &userInfo) throw(Core::Exception);
    virtual void updateUser(const Common::UserInfo &oldUserInfo, const Common::UserInfo &userInfo) throw(Core::Exception);
    virtual void deleteUser(const Common::UserInfo &userInfo) throw(Core::Exception);

    virtual void setPassword(const Common::UserInfo &userInfo, const Core::String &password) throw(Core::Exception);

  public:
    UserConfigBackendKrb5(Common::Application *application0) : application(application0), handle(0) {
      krb5_error_code err = krb5_init_context(&context);
      if(err) {
        application->log(Core::Format("Unable to initialize kerberos context: %1%") % std::strerror(err));
        context = 0;
        return;
      }

      char *defaultRealm;

      krb5_get_default_realm(context, &defaultRealm);
      if(defaultRealm) {
        realm = defaultRealm;
        free(defaultRealm);
      }

      application->getConfigManager()->registerConfigurable(this);
    }

    virtual ~UserConfigBackendKrb5() {
      if(!context)
        return;

      application->getConfigManager()->unregisterConfigurable(this);

      if(handle)
        kadm5_destroy(handle);

      krb5_free_context(context);
    }
};

}
}
}

#endif /* MAD_MODULES_USERCONFIGBACKENDKRB5_USERCONFIGBACKENDKRB5_H_ */