class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

  def shibboleth
    if user_signed_in? && current_user.shibboleth_id.present? && current_user.shibboleth_id.length > 0 then
      flash[:warning] = I18n.t('devise.failure.already_authenticated')
      redirect_to root_path
    else
      auth = request.env['omniauth.auth'] || {}
      eppn = auth['extra']['raw_info']['eppn']
      uid = nil
      if !eppn.blank? then
        uid = eppn
      elsif !auth['uid'].blank? then
        uid = auth['uid']
      elsif !auth['extra']['raw_info']['targeted-id'].blank? then
        uid = auth['extra']['raw_info']['targeted-id']
      end

      if !uid.nil? && !uid.blank? then
				s_user = User.where(shibboleth_id: uid).first
				# Take out previous record if was not confirmed.
				if !s_user.nil? && s_user.confirmed_at.nil? then
					sign_out s_user
					User.delete(s_user.id)
					s_user = nil
				end

				# Stops Shibboleth ID being blocked if email incorrectly entered.
				if !s_user.nil? && s_user.try(:persisted?) then
					flash[:notice] = I18n.t('devise.omniauth_callbacks.success', :kind => 'Shibboleth')
					sign_in s_user
                    redirect_to root_path
				else
					if user_signed_in? then
						current_user.update_attribute('shibboleth_id', uid)
						user_id = current_user.id
						sign_out current_user
						session.delete(:shibboleth_data)
						s_user = User.find(user_id)
						sign_in s_user
                        redirect_to edit_user_registration_path
					else
						session[:shibboleth_data] = request.env['omniauth.auth']
						session[:shibboleth_data][:uid] = uid
						redirect_to new_user_registration_url(:nosplash => 'true')
					end
				end
      else
        redirect_to root_path
      end
    end
  end
end