(function (global) {
  "use strict";

  // rather than create a million different IdP configurations and litter the
  // world with files all containing near-identical code, let's use the hash/URL
  // fragment as a way of generating instructions for the IdP
  var instructions = global.location.hash.replace("#", "").split(":");
  function is(target) {
    return function (instruction) {
      return instruction === target;
    };
  }

  function IDPJS() {
    this.domain = global.location.host;
    var path = global.location.pathname;
    this.protocol =
      path.substring(path.lastIndexOf("/") + 1) + global.location.hash;
    this.id = crypto.getRandomValues(new Uint8Array(10)).join(".");
  }

  IDPJS.prototype = {
    getLogin() {
      return fetch(
        "https://example.com/.well-known/idp-proxy/idp.sjs?" + this.id
      ).then(response => response.status === 200);
    },
    checkLogin(result) {
      return this.getLogin().then(loggedIn => {
        if (loggedIn) {
          return result;
        }
        return Promise.reject({
          name: "IdpLoginError",
          loginUrl:
            "https://example.com/.well-known/idp-proxy/login.html#" + this.id,
        });
      });
    },

    borkResult(result) {
      if (instructions.some(is("throw"))) {
        throw new Error("Throwing!");
      }
      if (instructions.some(is("fail"))) {
        return Promise.reject(new Error("Failing!"));
      }
      if (instructions.some(is("login"))) {
        return this.checkLogin(result);
      }
      if (instructions.some(is("hang"))) {
        return new Promise(r => {});
      }
      dump("idp: result=" + JSON.stringify(result) + "\n");
      return Promise.resolve(result);
    },

    _selectUsername(usernameHint) {
      dump("_selectUsername: usernameHint(" + usernameHint + ")\n");
      var username = "someone@" + this.domain;
      if (usernameHint) {
        var at = usernameHint.indexOf("@");
        if (at < 0) {
          username = usernameHint + "@" + this.domain;
        } else if (usernameHint.substring(at + 1) === this.domain) {
          username = usernameHint;
        }
      }
      return username;
    },

    generateAssertion(payload, origin, options) {
      dump(
        "idp: generateAssertion(" +
          payload +
          ", " +
          origin +
          ", " +
          JSON.stringify(options) +
          ")\n"
      );
      var idpDetails = {
        domain: this.domain,
        protocol: this.protocol,
      };
      if (instructions.some(is("bad-assert"))) {
        idpDetails = {};
      }
      return this.borkResult({
        idp: idpDetails,
        assertion: JSON.stringify({
          username: this._selectUsername(options.usernameHint),
          contents: payload,
        }),
      });
    },

    validateAssertion(assertion, origin) {
      dump("idp: validateAssertion(" + assertion + ")\n");
      var assertion = JSON.parse(assertion);
      if (instructions.some(is("bad-validate"))) {
        assertion.contents = {};
      }
      return this.borkResult({
        identity: assertion.username,
        contents: assertion.contents,
      });
    },
  };

  if (!instructions.some(is("not_ready"))) {
    dump("registering idp.js" + global.location.hash + "\n");
    var idp = new IDPJS();
    global.rtcIdentityProvider.register({
      generateAssertion: idp.generateAssertion.bind(idp),
      validateAssertion: idp.validateAssertion.bind(idp),
    });
  }
})(this);