import html
from auth.providers.base import SSOProvider
from utils.helpers import extract_html_value


class KITProvider(SSOProvider):
    """SSO provider for Karlsruhe Institute of Technology (KIT)."""

    name = "KIT"
    domain = "kit.edu"

    def authenticate(self) -> str:
        self.session.headers.pop('x-requested-with', None)
        self.session.headers.pop('x-inertia', None)
        self.session.headers.pop('x-inertia-version', None)

        csrf_token = extract_html_value(
            self.redirect_response.text,
            r'name="csrf_token" value="([^"]+)"'
        )

        response = self.session.post(
            'https://idp.scc.kit.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1',
            data={
                'csrf_token': csrf_token,
                'j_username': self.username,
                'j_password': self.password,
                '_eventId_proceed': '',
                'fudis_web_authn_assertion_input': '',
            }
        )

        if "/consume" not in html.unescape(response.text):
            raise ValueError("KIT authentication failed - invalid credentials or SSO error")

        return response.text