/*******************************************************************************
 *******************************************************************************/
package at.gv.egiz.eaaf.modules.pvp2.impl.utils;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.modules.pvp2.exception.QAANotAllowedException;

/**
 * @author tlenz
 *
 */
public class QAALevelVerifier {

	private static final Logger log = LoggerFactory.getLogger(QAALevelVerifier.class);
	
	public static void verifyQAALevel(String qaaAuth, String qaaRequest) throws QAANotAllowedException {
				
		if (EAAFConstants.EIDAS_QAA_LOW.equals(qaaRequest) && 
					(EAAFConstants.EIDAS_QAA_LOW.equals(qaaAuth) || 
							EAAFConstants.EIDAS_QAA_SUBSTANTIAL.equals(qaaAuth) ||
									EAAFConstants.EIDAS_QAA_HIGH.equals(qaaAuth))
				)  
			log.debug("Requesed LoA fits LoA from authentication. Continue auth process ... ");
		
		else if (EAAFConstants.EIDAS_QAA_SUBSTANTIAL.equals(qaaRequest) && 
					(EAAFConstants.EIDAS_QAA_SUBSTANTIAL.equals(qaaAuth) ||
								EAAFConstants.EIDAS_QAA_HIGH.equals(qaaAuth))
				) 
			log.debug("Requesed LoA fits LoA from authentication. Continue auth process ... ");
		
		else if (EAAFConstants.EIDAS_QAA_HIGH.equals(qaaRequest) && EAAFConstants.EIDAS_QAA_HIGH.equals(qaaAuth)) 
			log.debug("Requesed LoA fits LoA from authentication. Continue auth process ... ");
		
		else 
			throw new QAANotAllowedException(qaaAuth, qaaRequest);
		
	}
}