<?php

require __DIR__ . '/vendor/autoload.php';
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\EventDispatcher\EventDispatcher;
use BiiG\SecurityTest\Kernel;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Http\FirewallMap;
use Symfony\Component\HttpFoundation\RequestMatcher,
    Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage,
    BiiG\SecurityTest\CustomAuthenticationListener,
    BiiG\SecurityTest\CustomAuthenticationProvider,
    Symfony\Component\Security\Http\Firewall,
    Symfony\Component\HttpKernel\KernelEvents,
    Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter,
    Symfony\Component\Security\Core\Role\RoleHierarchy,
    Symfony\Component\Security\Core\Authorization\AccessDecisionManager
    ;
use Symfony\Component\Security\Http\AccessMap;
use Symfony\Component\Security\Http\Firewall\AccessListener;




$request = Request::createFromGlobals();
$dispatcher = new EventDispatcher();
$kernel = new Kernel($dispatcher, function() {
    return new Response("<h1>Hello</h1>");
});



///////////////////////
/// FIREWALL CONFIG

$map = new FirewallMap();

$requestMatcher = new RequestMatcher('^/');
$tokenStorage = new TokenStorage();
// instances of Symfony\Component\Security\Http\Firewall\ListenerInterface
$authManager = new CustomAuthenticationProvider();
$listeners = [
    new CustomAuthenticationListener(
        $tokenStorage,
        $authManager,
        'swagg'
    )
];
// The exception listener object is too complex for this example
/*
$exceptionListener = new \Symfony\Component\Security\Http\Firewall\ExceptionListener($tokenStorage, $trustResolver);
//*/

$map->add($requestMatcher, $listeners);


$firewall = new Firewall($map, $dispatcher);
$dispatcher->addListener(
    KernelEvents::REQUEST,
    array($firewall, 'onKernelRequest')
);

/////////////////////////
/// Authorization

// instances of Symfony\Component\Security\Core\Authorization\Voter\VoterInterface
$voters = [
    new RoleHierarchyVoter(
        new RoleHierarchy([
            'ROLE_SUPER_ADMIN' => [
                'ROLE_ADMIN',
                'ROLE_USER'
            ]
        ])
    ),
];
$strategy = AccessDecisionManager::STRATEGY_AFFIRMATIVE;

$accessDecisionManager = new AccessDecisionManager(
    $voters,
    $strategy
);

$accessMap = new AccessMap();
$requestMatcher = new RequestMatcher('^/admin');
$accessMap->add($requestMatcher, array('ROLE_ADMIN'));

$accessListener = new AccessListener(
    $tokenStorage,
    $accessDecisionManager,
    $accessMap,
    $authManager
);


/////////////////////////
/// Run kernel

$kernel->handle($request)->send();