class CASServer::Authenticators::SQL < CASServer::Authenticators::Base

  def validate(credentials)
    read_standard_credentials(credentials)
    
    raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
    raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless @options[:database]
    
    CASUser.establish_connection @options[:database]
    CASUser.set_table_name @options[:user_table] || "users"
    
    username_column = @options[:username_column] || 'username'
    password_column = @options[:password_column] || 'password'
    
    results = CASUser.find(:all, :conditions => ["#{username_column} = ? AND #{password_column} = ?", @username, @password])
    
    if results.size > 0
      $LOG.warn("#{self.class}: Multiple matches found for user #{@username.inspect}") if results.size > 1
      
      unless @options[:extra_attributes].blank?
        if results.size > 1
          $LOG.warn("#{self.class}: Unable to extract extra_attributes because multiple matches were found for #{@username.inspect}")
        else
          user = results.first
          
          @extra_attributes = {}
          extra_attributes_to_extract.each do |col|
            @extra_attributes[col] = user.send(col)
          end
          
          if @extra_attributes.empty?
            $LOG.warn("#{self.class}: Did not read any extra_attributes for user #{@username.inspect} even though an :extra_attributes option was provided.")
          else
            $LOG.debug("#{self.class}: Read the following extra_attributes for user #{@username.inspect}: #{@extra_attributes.inspect}")
          end
        end
      end
      
      return true
    else
      return false
    end
  end
  
  class CASUser < ActiveRecord::Base
  end

end