from __future__ import unicode_literals

import sys
from ipaddress import ip_address, ip_network
from operator import attrgetter

from django.contrib.auth import get_user_model
from six import text_type as str
from six.moves.urllib_parse import urljoin

import django
from django import forms
from django.conf import settings

from payfast import api
from payfast import conf
from payfast.models import PayFastOrder

# Django 1.10 introduces django.urls
if django.VERSION < (1, 10):
    from django.core.urlresolvers import reverse
    from django.urls import reverse

def full_url(link):
    Return an absolute version of a possibly-relative URL.

    This uses the PAYFAST_URL_BASE setting.
    url_base = (conf.URL_BASE() if callable(conf.URL_BASE) else
    return urljoin(url_base, link)

def notify_url():
    return full_url(reverse('payfast_notify'))

class HiddenForm(forms.Form):
    """ A form with all fields hidden """
    def __init__(self, *args, **kwargs):
        super(HiddenForm, self).__init__(*args, **kwargs)
        for field in self.fields:
            self.fields[field].widget = forms.HiddenInput()

class PayFastForm(HiddenForm):
    """ PayFast helper form.
    It is not for validating data.
    It can be used to output html.

    Pass all the fields to form 'initial' argument. Form also has an optional
    'user' parameter: it is the User instance the order is purchased by. If
    'user' is specified, 'name_first', 'name_last' and 'email_address' fields
    will be filled automatically if they are not passed with 'initial'.

    If `m_payment_id` is specified, it will uniquely identify the PayFastOrder.
    Otherwise, a new PayFastOrder will be created for each form instantiation.

    target = conf.PROCESS_URL

    # Receiver Details
    merchant_id = forms.CharField()
    merchant_key = forms.CharField()

    return_url = forms.URLField()
    cancel_url = forms.URLField()
    notify_url = forms.URLField()

    # Payer Details
    name_first = forms.CharField()
    name_last = forms.CharField()
    email_address = forms.CharField()
    # TODO: cell_number

    # Transaction Details
    m_payment_id = forms.CharField()
    amount = forms.CharField()
    item_name = forms.CharField()
    item_description = forms.CharField()

    custom_str1 = forms.CharField()
    custom_str2 = forms.CharField()
    custom_str3 = forms.CharField()
    custom_str4 = forms.CharField()
    custom_str5 = forms.CharField()

    custom_int1 = forms.IntegerField()
    custom_int2 = forms.IntegerField()
    custom_int3 = forms.IntegerField()
    custom_int4 = forms.IntegerField()
    custom_int5 = forms.IntegerField()

    # Transaction Options
    email_confirmation = forms.IntegerField()
    confirmation_address = forms.CharField()

    # Security
    signature = forms.CharField()

    def __init__(self, *args, **kwargs):
        get_first_name = getattr(settings, 'PAYFAST_GET_USER_FIRST_NAME', attrgetter('first_name'))
        get_last_name = getattr(settings, 'PAYFAST_GET_USER_LAST_NAME', attrgetter('last_name'))

        user = kwargs.pop('user', None)
        if user:

            if get_first_name is not None:
                kwargs['initial'].setdefault('name_first', get_first_name(user))
            if get_last_name is not None:
                kwargs['initial'].setdefault('name_last', get_last_name(user))

            # Django 1.11 adds AbstractBaseUser.get_email_field_name()
            email_address = ( if django.VERSION < (1, 11) else
                             getattr(user, get_user_model().get_email_field_name()))
            kwargs['initial'].setdefault('email_address', email_address)

        kwargs['initial'].setdefault('notify_url', notify_url())
        kwargs['initial'].setdefault('merchant_id', conf.MERCHANT_ID)
        kwargs['initial'].setdefault('merchant_key', conf.MERCHANT_KEY)

        super(PayFastForm, self).__init__(*args, **kwargs)

        if 'm_payment_id' in self.initial:
            # If the caller supplies m_payment_id, find the existing order, or create it.
            (self.order, created) = PayFastOrder.objects.get_or_create(
            if not created:
                # If the order is existing, check the user and amount fields,
                # and update if necessary.
                # XXX: Also consistency-check that the order is not paid yet?
                if not (self.order.user == user and
                        self.order.amount_gross == self.initial['amount']):
                    self.order.user = user
                    self.order.amount_gross = self.initial['amount']
            # Old path: Create a new PayFastOrder each time form is instantiated.
            self.order = PayFastOrder.objects.create(

            # Initialise m_payment_id from the pk.
            self.order.m_payment_id = str(

            self.initial['m_payment_id'] = self.order.m_payment_id

        # Coerce values to strings, for signing.
        data = {k: str(v) for (k, v) in self.initial.items()}
        self._signature = self.fields['signature'].initial = api.checkout_signature(data)

def is_payfast_ip_address(ip_address_str):
    Return True if ip_address_str matches one of PayFast's server IP addresses.


    :type ip_address_str: str
    :rtype: bool
    # TODO: Django system check for validity?
    payfast_ip_addresses = getattr(settings, 'PAYFAST_IP_ADDRESSES',

    if sys.version_info < (3,):
        # Python 2 usability: Coerce str to unicode, to avoid very common TypeErrors.
        # (On Python 3, this should generally not happen:
        #  let unexpected bytes values fail as expected.)
        ip_address_str = unicode(ip_address_str)  # noqa: F821
        payfast_ip_addresses = [unicode(address) for address in payfast_ip_addresses]  # noqa: F821

    return any(ip_address(ip_address_str) in ip_network(payfast_address)
               for payfast_address in payfast_ip_addresses)

class NotifyForm(forms.ModelForm):

    def __init__(self, request, *args, **kwargs):
        self.request = request
        super(NotifyForm, self).__init__(*args, **kwargs)
        # the form must be used with order instance provided

    def clean(self):
        self.ip = self.request.META.get(conf.IP_HEADER, None)
        if not is_payfast_ip_address(self.ip):
            raise forms.ValidationError('untrusted ip: %s' % self.ip)

        # Verify signature
        sig = api.itn_signature(
        if sig != self.cleaned_data['signature']:
            raise forms.ValidationError('Signature is invalid: %s != %s' % (
                sig, self.cleaned_data['signature'],))

        if conf.USE_POSTBACK:
            is_valid = api.data_is_valid(self.request.POST, conf.SERVER)
            if is_valid is None:
                raise forms.ValidationError('Postback fails')
            if not is_valid:
                raise forms.ValidationError('Postback validation fails')

        return self.cleaned_data

    def clean_merchant_id(self):
        merchant_id = self.cleaned_data['merchant_id']
        if merchant_id != conf.MERCHANT_ID:
            raise forms.ValidationError('Invalid merchant id (%s).' % merchant_id)
        return merchant_id

    def clean_amount_gross(self):
        received = self.cleaned_data['amount_gross']
        if conf.REQUIRE_AMOUNT_MATCH:
            requested = self.instance.amount_gross
            if requested != received:
                raise forms.ValidationError('Amount is not the same: %s != %s' % (
                                            requested, received,))
        return received

    def save(self, *args, **kwargs):
        self.instance.request_ip = self.ip

        # Decode body, for saving as debug_info
        body_bytes =  # type: bytes
        body_encoding = (settings.DEFAULT_CHARSET if self.request.encoding is None else
        body_str = body_bytes.decode(body_encoding)  # type: str

        self.instance.debug_info = body_str[:255]

        self.instance.trusted = True
        return super(NotifyForm, self).save(*args, **kwargs)

    def plain_errors(self):
        ''' plain error list (without the html) '''
        return '|'.join(["%s: %s" % (k, (v[0])) for k, v in self.errors.items()])

    class Meta:
        model = PayFastOrder
        exclude = ['created_at', 'updated_at', 'request_ip', 'debug_info',
                   'trusted', 'user']