package at.gv.egiz.eaaf.core.impl.idp;

import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.NonNull;
import org.springframework.util.Assert;

import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;

public class EidAuthenticationData extends AuthenticationData implements IEidAuthData {
  private static final Logger log = LoggerFactory.getLogger(EidAuthenticationData.class);

  private static final long serialVersionUID = -7106142572904327044L;

  private byte[] eidToken;
  private byte[] signerCertificate;
  private EidIdentityStatusLevelValues eidStatus;
  private String vdaEndpointUrl;
  private boolean useMandate = false;

  @Override
  public byte[] getSignerCertificate() {
    return getByteCopyOrNull(this.signerCertificate);
  }

  @Override
  public byte[] getEidToken() {
    return getByteCopyOrNull(this.eidToken);
  }

  @Override
  public EidIdentityStatusLevelValues getEidStatus() {
    return this.eidStatus;

  }

  @Override
  public boolean isUseMandate() {
    return useMandate;
  }

  @Override
  public String getVdaEndPointUrl() {
    return vdaEndpointUrl;

  }

  /**
   * Set the status of the E-ID identity.
   *
   * @param eidStatus Status of the E-ID
   */
  public void setEidStatus(final EidIdentityStatusLevelValues eidStatus) {
    this.eidStatus = eidStatus;
  }

  /**
   * Set Online IdentityLink to AuthenticationData.
   *
   * @param eidToken Online-IdentityLink
   */
  public void setEidToken(final byte[] eidToken) {
    this.eidToken = getByteCopyOrNull(eidToken);

  }

  /**
   * Set the signing certificate that was used to sign the user consent.
   *
   * @param signerCertificate User's signer certificate
   */
  public void setSignerCertificate(@NonNull final X509Certificate signerCertificate) {
    Assert.notNull(signerCertificate, "Signer certificate is null");
    try {
      this.signerCertificate = signerCertificate.getEncoded();

    } catch (final CertificateEncodingException e) {
      log.warn("Can NOT serialized signer-certificate", e);
      log.warn("Signer certificate will be ignored");

    }
  }

  /**
   * Set the signing certificate that was used to sign the user consent.
   *
   * @param signerCertificate User's signer certificate
   */
  public void setSignerCertificate(final byte[] signerCertificate) {
    this.signerCertificate = getByteCopyOrNull(signerCertificate);

  }

  /**
   * Set flag that mandates are used in this process.
   *
   * @param useMandate true if mandates was used, otherwise false
   */
  public void setUseMandate(final boolean useMandate) {
    this.useMandate = useMandate;
  }

  /**
   * Set URL of the EndPoint that was used on VDA for authentication.
   *
   * @param vdaEndpointUrl Used VDA end-point
   */
  public void setVdaEndpointUrl(final String vdaEndpointUrl) {
    this.vdaEndpointUrl = vdaEndpointUrl;
  }

  private byte[] getByteCopyOrNull(byte[] in) {
    if (in != null) {
      return in.clone();
    } else {
      return null;
    }
  }

}