package at.gv.egiz.eaaf.modules.auth.sl20.utils;

import java.security.KeyStore;
import java.security.Provider;

import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.util.Base64Utils;

import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception;


@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration("/spring/test_eaaf_sl20.beans.xml")
public class JsonSecurityUtilsSoftwareKeyTest extends AbstractJsonSecurityUtilsTest {

  @Test
  public void invalidSignatureRandomString() {
    try {
      joseTools.validateSignature(RandomStringUtils.randomAlphabetic(10));
      Assert.fail("Wrong JOSE Sig not detected");
      
    } catch (SL20Exception e) {
      Assert.assertEquals("Wrong errorCode", "sl20.05", e.getErrorId());
    }
      
  }
  
  @Test
  public void invalidSignatureRandomBase64UrlEncoded() {
    String testValue = Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes())
        + "."
        + Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes())
        + "."
        + Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes());
    
    try {     
      joseTools.validateSignature(testValue);
      Assert.fail("Wrong JOSE Sig not detected");
      
    } catch (SL20Exception e) {
      Assert.assertEquals("Wrong errorCode", "sl20.05", e.getErrorId());
    }
      
  }
    
  @Override
  protected void setRsaSigningKey() {
    config.putConfigValue("modules.sl20.security.sign.alias", "meta");
    
  }

  @Override
  protected void setEcSigningKey() {
    config.putConfigValue("modules.sl20.security.sign.alias", "sig");
    
  }
  
  @Override
  protected void setRsaEncryptionKey() {
    config.putConfigValue("modules.sl20.security.encryption.alias", "meta");
    
  }

  @Override
  protected void setEcEncryptionKey() {
    config.putConfigValue("modules.sl20.security.encryption.alias", "sig");
    
  }

  @Override
  protected Pair<KeyStore, Provider> getEncryptionKeyStore() throws EaafException {    
    KeyStoreConfiguration keyConfig = new KeyStoreConfiguration();
    keyConfig.setFriendlyName("Junit Enc Key Rsa");
    keyConfig.setKeyStoreType(KeyStoreType.JKS);
    keyConfig.setSoftKeyStoreFilePath("src/test/resources/data/junit.jks");
    keyConfig.setSoftKeyStorePassword("password");
    
    return keyStoreFactory.buildNewKeyStore(keyConfig);
  }

  @Override
  protected String getRsaKeyAlias() {
    return "meta";
  }

  @Override
  protected String getRsaKeyPassword() {
    return "password";
  }

  @Override
  protected String getEcKeyAlias() {
    return "sig";
  }

  @Override
  protected String getEcKeyPassword() {
    return "password";
  }
  
}