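package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml;

import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;

import javax.servlet.http.HttpServletRequest;

import org.opensaml.core.xml.XMLObject;
import org.opensaml.messaging.decoder.MessageDecodingException;
import org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder;

import com.google.common.base.Strings;

import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SamlHttpUtils;
import lombok.extern.slf4j.Slf4j;
import net.shibboleth.utilities.java.support.codec.Base64Support;
import net.shibboleth.utilities.java.support.codec.DecodingException;

/**
 * SAML2 Post-Binding decoder with some EAAF specific hardening regarding http
 * request-parameter processing.
 *
 * <p>
 * Two steps of the OpenSAML {@link HTTPPostDecoder} are overridden:
 * </p>
 * <ul>
 * <li>the SAML parameter is read through
 * {@code SamlHttpUtils.getLastParameterFromRequest(..)} instead of directly
 * from the servlet request, and</li>
 * <li>unmarshalling is delegated to {@code Saml2Utils.unmarshallMessage(..)}.</li>
 * </ul>
 *
 * <p>
 * With TRACE logging enabled, the complete encoded and decoded SAML message is
 * written to the log. SAML messages can carry assertions and attributes, so
 * TRACE output needs the same protection as the messages themselves.
 * </p>
 *
 * @author tlenz
 *
 */
@Slf4j
public class EaafHttpPostDecoder extends HTTPPostDecoder {

  private static final String SAML_REQ_PARAM_NAME = "SAMLRequest";
  private static final String SAML_RESP_PARAM_NAME = "SAMLResponse";

  /**
   * Build a decoder that is bound to a single http request.
   *
   * @param req http request that carries the SAML2 POST-Binding message
   */
  public EaafHttpPostDecoder(HttpServletRequest req) {
    setHttpServletRequest(req);

  }

  /**
   * Extract the Base64 encoded SAML message from the request and decode it.
   *
   * <p>
   * {@code SAMLRequest} is looked up first. {@code SAMLResponse} is only
   * consulted if {@code SAMLRequest} is missing or empty, so a request that
   * carries both parameters is always processed as {@code SAMLRequest}.
   * </p>
   *
   * @param request http request to read the SAML parameter from
   * @return stream over the Base64 decoded message bytes
   * @throws MessageDecodingException if neither parameter is present, or if the
   *                                  value is not valid Base64
   */
  @Override
  protected InputStream getBase64DecodedMessage(final HttpServletRequest request)
      throws MessageDecodingException {
    log.debug("Getting Base64 encoded message from request");

    // NOTE(review): presumably the helper picks the last occurrence when the
    // parameter is sent more than once, so that every component evaluates the
    // same value -- confirm against SamlHttpUtils.
    String encodedMessage =
        SamlHttpUtils.getLastParameterFromRequest(request, SAML_REQ_PARAM_NAME);
    if (Strings.isNullOrEmpty(encodedMessage)) {
      encodedMessage = SamlHttpUtils.getLastParameterFromRequest(request, SAML_RESP_PARAM_NAME);

    }

    if (Strings.isNullOrEmpty(encodedMessage)) {
      log.info("Request did not contain either a SAMLRequest or "
          + "SAMLResponse paramter. Invalid request for SAML 2 HTTP POST binding.");
      throw new MessageDecodingException("No SAML message present in request");

    }

    try {
      log.trace("Base64 decoding SAML message: {}", encodedMessage);

      // NOTE(review): no size limit is applied to the parameter in this method;
      // presumably the servlet container's POST-size limit bounds it -- confirm.
      final byte[] decodedBytes = Base64Support.decode(encodedMessage);
      traceDecodedMessage(decodedBytes);
      return new ByteArrayInputStream(decodedBytes);

    } catch (final DecodingException e) {
      // the decoding failure itself travels as cause of the rethrown exception
      log.error("Unable to Base64 decode SAML message");
      throw new MessageDecodingException("Unable to Base64 decode SAML message", e);

    }
  }

  /**
   * Unmarshall the decoded SAML message by using the EAAF specific unmarshaller.
   *
   * <p>
   * The work is delegated to {@code Saml2Utils.unmarshallMessage(..)}. According
   * to the original description of this method, that unmarshaller performs XML
   * schema validation before unmarshalling the SAML message; the validation is
   * not part of this class.
   * </p>
   *
   * @param messageStream stream over the decoded SAML message
   * @return unmarshalled SAML message
   * @throws MessageDecodingException if the message can not be unmarshalled
   */
  @Override
  protected XMLObject unmarshallMessage(final InputStream messageStream)
      throws MessageDecodingException {
    return Saml2Utils.unmarshallMessage(messageStream);

  }

  /**
   * Write the decoded SAML message to the log on TRACE level.
   *
   * <p>
   * The String copy of the message is only built if TRACE is enabled, so regular
   * operation does not pay for a second in-memory copy of every message.
   * </p>
   *
   * @param decodedBytes Base64 decoded SAML message
   */
  private static void traceDecodedMessage(final byte[] decodedBytes) {
    if (!log.isTraceEnabled()) {
      return;

    }

    try {
      log.trace("Decoded SAML message: {}", new String(decodedBytes, "UTF-8"));

    } catch (final UnsupportedEncodingException e) {
      // a logging problem must never break message processing
      log.warn("Logging of incomming message failed", e);

    }
  }
}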