package auth

import (
	"git.qianqiusoft.com/qianqiusoft/light-apiengine/ldap"
	"git.qianqiusoft.com/qianqiusoft/light-apiengine/entitys"
	"git.qianqiusoft.com/qianqiusoft/light-apiengine/logs"
	"net"
	"fmt"
)
type LdapAuth struct {
	IAuth
}

func (this *LdapAuth)Login(c *entitys.CtrlContext) {
}

func (this *LdapAuth)Logout(c *entitys.CtrlContext){
}

func (this* LdapAuth)Init(){

	s := ldap.NewServer()

	// register Bind and Search function handlers
	handler := ldapHandler{}
	s.BindFunc("", handler)
	s.SearchFunc("", handler)

	// start the server
	listen := "0.0.0.0:389"
	logs.Info("Starting example LDAP server on %s", listen)
	if err := s.ListenAndServe(listen); err != nil {
		logs.Error("LDAP Server Failed: %s", err.Error())
	}
}

type ldapHandler struct {
}

///////////// Allow anonymous binds only
func (h ldapHandler) Bind(bindDN, bindSimplePw string, conn net.Conn) (ldap.LDAPResultCode, error) {

	fmt.Println(bindDN)
	fmt.Println(bindSimplePw)
	/*if bindDN == "" && bindSimplePw == "" {
		return ldap.LDAPResultSuccess, nil
	}*/
	return ldap.LDAPResultSuccess, nil
}

///////////// Return some hardcoded search results - we'll respond to any baseDN for testing
func (h ldapHandler) Search(boundDN string, searchReq ldap.SearchRequest, conn net.Conn) (ldap.ServerSearchResult, error) {
	fmt.Print("%s,search......%s", boundDN, searchReq)
	entries := []*ldap.Entry{
		&ldap.Entry{"cn=ned," + searchReq.BaseDN, []*ldap.EntryAttribute{
			&ldap.EntryAttribute{"cn", []string{"ned"}},
			&ldap.EntryAttribute{"uidNumber", []string{"5000"}},
			&ldap.EntryAttribute{"accountStatus", []string{"active"}},
			&ldap.EntryAttribute{"uid", []string{"ned"}},
			&ldap.EntryAttribute{"description", []string{"ned"}},
			&ldap.EntryAttribute{"objectClass", []string{"posixAccount"}},
		}},
	}
	return ldap.ServerSearchResult{entries, []string{}, []ldap.Control{}, ldap.LDAPResultSuccess}, nil
}