//-----------------------------------------------------------------------
// <copyright file="InMemoryOAuthTokenManager.cs" company="Microsoft">
//     Copyright (c) Microsoft. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------

namespace DotNetOpenAuth.AspNet.Clients {
	using System;
	using System.Collections.Generic;
	using DotNetOpenAuth.OAuth;
	using DotNetOpenAuth.OAuth.ChannelElements;
	using DotNetOpenAuth.OAuth.Messages;

	/// <summary>
	/// An implementation of IOAuthTokenManager which stores keys in memory.
	/// </summary>
	public sealed class InMemoryOAuthTokenManager : IConsumerTokenManager {
		#region Constants and Fields

		/// <summary>
		/// The _tokens and secrets.
		/// </summary>
		private readonly Dictionary<string, string> _tokensAndSecrets = new Dictionary<string, string>();

		#endregion

		#region Constructors and Destructors

		/// <summary>
		/// Initializes a new instance of the <see cref="InMemoryOAuthTokenManager"/> class.
		/// </summary>
		/// <param name="consumerKey">
		/// The consumer key. 
		/// </param>
		/// <param name="consumerSecret">
		/// The consumer secret. 
		/// </param>
		public InMemoryOAuthTokenManager(string consumerKey, string consumerSecret) {
			Requires.NotNull(consumerKey, "consumerKey");
			Requires.NotNull(consumerSecret, "consumerSecret");

			this.ConsumerKey = consumerKey;
			this.ConsumerSecret = consumerSecret;
		}

		#endregion

		#region Public Properties

		/// <summary>
		/// Gets the consumer key.
		/// </summary>
		public string ConsumerKey { get; private set; }

		/// <summary>
		/// Gets the consumer secret.
		/// </summary>
		public string ConsumerSecret { get; private set; }

		#endregion

		#region Public Methods and Operators

		/// <summary>
		/// Deletes a request token and its associated secret and stores a new access token and secret.
		/// </summary>
		/// <param name="consumerKey">
		/// The Consumer that is exchanging its request token for an access token. 
		/// </param>
		/// <param name="requestToken">
		/// The Consumer's request token that should be deleted/expired. 
		/// </param>
		/// <param name="accessToken">
		/// The new access token that is being issued to the Consumer. 
		/// </param>
		/// <param name="accessTokenSecret">
		/// The secret associated with the newly issued access token. 
		/// </param>
		/// <remarks>
		/// <para>
		/// Any scope of granted privileges associated with the request token from the
		/// 	original call to
		/// 	<see cref="StoreNewRequestToken"/>
		/// 	should be carried over
		/// 	to the new Access Token.
		/// </para>
		/// <para>
		/// To associate a user account with the new access token,
		/// 	                                	<see cref="System.Web.HttpContext.User">HttpContext.Current.User</see>
		/// 	                                	may be
		/// 	                                	useful in an ASP.NET web application within the implementation of this method.
		/// 	                                	Alternatively you may store the access token here without associating with a user account,
		/// 	                                	and wait until
		/// 	                                	<see cref="WebConsumer.ProcessUserAuthorization()"/>
		/// 	                                	or
		/// 	                                	<see cref="DesktopConsumer.ProcessUserAuthorization(string, string)"/>
		/// 	                                	return the access
		/// 	                                	token to associate the access token with a user account at that point.
		/// </para>
		/// </remarks>
		public void ExpireRequestTokenAndStoreNewAccessToken(
			string consumerKey, string requestToken, string accessToken, string accessTokenSecret) {
			this._tokensAndSecrets.Remove(requestToken);
			this._tokensAndSecrets[accessToken] = accessTokenSecret;
		}

		/// <summary>
		/// Gets the Token Secret given a request or access token.
		/// </summary>
		/// <param name="token">
		/// The request or access token. 
		/// </param>
		/// <returns>
		/// The secret associated with the given token. 
		/// </returns>
		/// <exception cref="ArgumentException">
		/// Thrown if the secret cannot be found for the given token.
		/// </exception>
		public string GetTokenSecret(string token) {
			return this._tokensAndSecrets[token];
		}

		/// <summary>
		/// Classifies a token as a request token or an access token.
		/// </summary>
		/// <param name="token">
		/// The token to classify. 
		/// </param>
		/// <returns>
		/// Request or Access token, or invalid if the token is not recognized. 
		/// </returns>
		public TokenType GetTokenType(string token) {
			throw new NotImplementedException();
		}

		/// <summary>
		/// Stores a newly generated unauthorized request token, secret, and optional application-specific parameters for later recall.
		/// </summary>
		/// <param name="request">
		/// The request message that resulted in the generation of a new unauthorized request token. 
		/// </param>
		/// <param name="response">
		/// The response message that includes the unauthorized request token. 
		/// </param>
		/// <exception cref="ArgumentException">
		/// Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
		/// </exception>
		/// <remarks>
		/// Request tokens stored by this method SHOULD NOT associate any user account with this token. It usually opens up security holes in your application to do so. Instead, you associate a user account with access tokens (not request tokens) in the <see cref="ExpireRequestTokenAndStoreNewAccessToken"/> method.
		/// </remarks>
		public void StoreNewRequestToken(UnauthorizedTokenRequest request, ITokenSecretContainingMessage response) {
			this._tokensAndSecrets[response.Token] = response.TokenSecret;
		}

		#endregion
	}
}