app.factory('Auth', [
  '$rootScope', 'localStorageService', '$location', 'azp@oauth3.org'
, function($rootScope, localStorageService, $location, Oauth3) {

  var dapSession = 'dap-session';
  var dapSessions = 'dap-sessions';

  var Auth = {
    setUser: function (currentUser) {
      localStorageService.set('userAuth', JSON.stringify(currentUser));
    },
    isLoggedIn: function () {
      Auth.restore();

      return Auth.session || false;
    },
    getProfile: function (profile) {
      Auth.restore();

      return Auth.session || false;
    }
  , add: function (session) {
      var obj = JSON.parse(localStorage.getItem(dapSessions) || 'null') || {};
      var dapName = 'dap-' + session.subject + '|' + session.issuer;

      console.log('session', session);

      Auth.session = session;
      Auth.sessions.push(session);

      localStorage.setItem(dapName, JSON.stringify(session));
      localStorage.setItem(dapSession, dapName);
      obj[dapName] = Date.now();
      localStorage.setItem(dapSessions, JSON.stringify(obj));
    }
  , restore: function () {
      var dapName = localStorage.getItem(dapSession);
      Auth.sessions.length = 0; // don't overwrite with a new array, keep original references

      (Object.keys(JSON.parse(localStorage.getItem(dapSessions) || 'null') || {})).forEach(function (name) {
        var session = JSON.parse(localStorage.getItem(name) || 'null');

        if (session) {
          session.email = session.subject;
        }

        if (dapName === name) {
          Auth.session = session;
        }

        Auth.sessions.push(session);
      });

      return Auth.session;
    }
  , signOut: function () {
      var session = Auth.session;
      var dapName = 'dap-' + session.subject + '|' + session.issuer;

      // TODO logout url should be created upon login and remain fixed throughout the duration of the session (or on session restoration)
      return Auth.oauth3.logout().then(function () {
        var obj = JSON.parse(localStorage.getItem(dapSessions) || '{}');
        delete obj[dapName];
        var newDapName = Object.keys(obj).sort(function (a, b) { return obj[a] - obj[b]; })[0];

        localStorage.setItem(dapSession, newDapName);
        localStorage.setItem(dapSessions, JSON.stringify(obj));
        localStorage.removeItem(dapName);

        if (!newDapName) {
          localStorage.removeItem(dapSession);
        }

        return Auth.restore();
      });
      // localStorage.clear();
    }
  , sessions: []
  , session: null
  , oauth3: null
  };

  Auth.oauth3 = Oauth3.create(window.location);

  return Auth;
}]);