<?php

namespace phpnotify;

use \TypeError as TypeError;
use \base64_encode as base64_encode;

/**
 * This could be used to authorize by username and password.
 * 
 * It could be used to authorize by login and password. It is better option
 * than empty authorization, which does not give any security, but it is 
 * necessary to use TLS, because password and login does not being hashed, 
 * and could being captured by intermediary when use empty HTTP.
 */
class login_authorization extends authorization_method {
    /**
     * It store encoded login and password, in form which is used by header,
     * that mean `base64('login:password')`.
     * @var string
     */
    private string $coded;

    /** 
     * This create new login authorization.
     *
     * This create new login authorization, require username and password
     * for them. Username and password could not being empty.
     *
     * @throws TypeError When login or password is empty.
     * 
     * @param string $login Login of the user.
     * @param string $password Password for that user.
     */
    public function __construct(string $login, string $password) {
        $login = trim($login);
        $password = trim($password);
        
        if (strlen($login) === 0 || strlen($password) === 0) {
            throw new TypeError('Login and password could being empty.');
        }

        $this->coded = $this->encode($login, $password);
    }

    /**
     * It return true, because header is required when use login.
     *
     * @return bool True because header is required for login authorization.
     */
    public function is_header_required(): bool {
        return true;
    }

    /**
     * This return content of the header.
     *
     * This return content of the headed, which contain coded login and
     * password. It is coded in the base64, which is not hash function end
     * could be easy decoded. It is cause that TLS must being used.
     *
     * @return string Content of the headed.
     */
    public function header_content(): string {
        return 'Basic '.$this->coded;
    }

    /**
     * This encode login and password to use it headed.
     *
     * @param string $login Login of the user.
     * @param string $password Password for that user.
     * @return string Encoded form of login and password.
     */
    private function encode(string $login, string $password): string {
        return base64_encode($login.':'.$password);
    }
}