package at.gv.egiz.eaaf.core.impl.http;

import java.net.Socket;
import java.util.Map;

import org.apache.commons.lang3.StringUtils;
import org.apache.http.ssl.PrivateKeyDetails;
import org.apache.http.ssl.PrivateKeyStrategy;

import lombok.extern.slf4j.Slf4j;

/**
 * Private Key selection implementation for Apache HTTP clients.
 *
 * @author tlenz
 *
 */
@Slf4j
public class EaafSslKeySelectionStrategy implements PrivateKeyStrategy {

  private final String keyAlias;

  /**
   * Private Key selection implementation for Apache HTTP clients.
   *
   * @param alias Alias of the Key that should be used for SSL client authentication.
   */
  public EaafSslKeySelectionStrategy(String alias) {
    this.keyAlias = alias;

  }

  @Override
  public String chooseAlias(Map<String, PrivateKeyDetails> aliases, Socket socket) {
    log.trace("Selection SSL client-auth key for alias: {}", keyAlias);
    final PrivateKeyDetails selected = aliases.get(keyAlias);
    if (selected != null) {
      log.trace("Select SL client-auth key with type:", selected.getType());
      return keyAlias;

    } else {
      log.warn("KeyStore contains NO key with alias: {}. Using first key from keystore", keyAlias);
      log.info("Available aliases: {}", StringUtils.join(aliases.keySet(), ", "));
      return aliases.keySet().iterator().next();

    }

  }

}