<?php

function jwtParse($token)
{
    try {
        $result = array();
        $result['valid'] = false;
        // Check Token with JWT
        // Set key
        if (!isset($GLOBALS['organizrHash'])) {
            return null;
        }
        $key = $GLOBALS['organizrHash'];
        // SHA256 Encryption
        $signer = new Lcobucci\JWT\Signer\Hmac\Sha256();
        $jwttoken = (new Lcobucci\JWT\Parser())->parse((string) $token); // Parses from a string
        $jwttoken->getHeaders(); // Retrieves the token header
        $jwttoken->getClaims(); // Retrieves the token claims
        // Start Validation
        if ($jwttoken->verify($signer, $key)) {
            $data = new Lcobucci\JWT\ValidationData(); // It will use the current time to validate (iat, nbf and exp)
            $data->setIssuer('Organizr');
            $data->setAudience('Organizr');
            if ($jwttoken->validate($data)) {
                $result['valid'] = true;
                $result['username'] = $jwttoken->getClaim('username');
                $result['group'] = $jwttoken->getClaim('group');
                $result['groupID'] = $jwttoken->getClaim('groupID');
                $result['userID'] = $jwttoken->getClaim('userID');
                $result['email'] = $jwttoken->getClaim('email');
                $result['image'] = $jwttoken->getClaim('image');
                $result['tokenExpire'] = $jwttoken->getClaim('exp');
                $result['tokenDate'] = $jwttoken->getClaim('iat');
                $result['token'] = $jwttoken->getClaim('exp');
            }
        }
        if ($result['valid'] == true) {
            return $result;
        } else {
            return false;
        }
    } catch (\RunException $e) {
        return false;
    } catch (\OutOfBoundsException $e) {
        return false;
    } catch (\RunTimeException $e) {
        return false;
    } catch (\InvalidArgumentException $e) {
        return false;
    }
}
function createToken($username, $email, $image, $group, $groupID, $key, $days = 1)
{
    //Quick get user ID
    try {
        $database = new Dibi\Connection([
            'driver' => 'sqlite3',
            'database' => $GLOBALS['dbLocation'].$GLOBALS['dbName'],
        ]);
        $result = $database->fetch('SELECT * FROM users WHERE username = ? COLLATE NOCASE OR email = ? COLLATE NOCASE', $username, $email);
        // Create JWT
        // Set key
        // SHA256 Encryption
        $signer = new Lcobucci\JWT\Signer\Hmac\Sha256();
        // Start Builder
        $jwttoken = (new Lcobucci\JWT\Builder())->setIssuer('Organizr') // Configures the issuer (iss claim)
                                    ->setAudience('Organizr') // Configures the audience (aud claim)
                                    ->setId('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item
                                    ->setIssuedAt(time()) // Configures the time that the token was issue (iat claim)
                                    ->setExpiration(time() + (86400 * $days)) // Configures the expiration time of the token (exp claim)
                                    ->set('username', $result['username']) // Configures a new claim, called "username"
                                    ->set('group', $result['group']) // Configures a new claim, called "group"
                                    ->set('groupID', $result['group_id']) // Configures a new claim, called "groupID"
                                    ->set('email', $result['email']) // Configures a new claim, called "email"
                                    ->set('image', $result['image']) // Configures a new claim, called "image"
                                    ->set('userID', $result['id']) // Configures a new claim, called "image"
                                    ->sign($signer, $key) // creates a signature using "testing" as key
                                    ->getToken(); // Retrieves the generated token
        $jwttoken->getHeaders(); // Retrieves the token headers
        $jwttoken->getClaims(); // Retrieves the token claims
        coookie('set', 'organizrToken', $jwttoken, $days);
        return $jwttoken;
    } catch (Dibi\Exception $e) {
        return false;
    }
}
function validateToken($token, $global=false)
{
    // Validate script
    $userInfo = jwtParse($token);
    $validated = $userInfo ? true : false;
    if ($validated == true) {
        if ($global == true) {
            try {
                $database = new Dibi\Connection([
                    'driver' => 'sqlite3',
                    'database' => $GLOBALS['dbLocation'].$GLOBALS['dbName'],
                ]);
                $result = $database->fetch('SELECT * FROM users WHERE id = ?', $userInfo['userID']);
                $GLOBALS['organizrUser'] = array(
                    "token"=>$token,
                    "tokenDate"=>$userInfo['tokenDate'],
                    "tokenExpire"=>$userInfo['tokenExpire'],
                    "username"=>$result['username'],
                    "group"=>$result['group'],
                    "groupID"=>$result['group_id'],
                    "email"=>$result['email'],
                    "image"=>$result['image'],
                    "userID"=>$result['id'],
                    "loggedin"=>true,
                );
            } catch (Dibi\Exception $e) {
                $GLOBALS['organizrUser'] = false;
            }
        }
    } else {
        // Delete cookie & reload page
        coookie('delete', 'organizrToken');
        $GLOBALS['organizrUser'] = false;
    }
}
function getOrganizrUserToken()
{
    if (isset($_COOKIE['organizrToken'])) {
        // Get token form cookie and validate
        validateToken($_COOKIE['organizrToken'], true);
    } else {
        $GLOBALS['organizrUser'] = array(
            "token"=>null,
            "tokenDate"=>null,
            "tokenExpire"=>null,
            "username"=>"Guest",
            "group"=>getGuest()['group'],
            "groupID"=>getGuest()['group_id'],
            "email"=>null,
            //"groupImage"=>getGuest()['image'],
            "image"=>getGuest()['image'],
            "userID"=>null,
            "loggedin"=>false
        );
    }
}