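package at.asitplus.eidas.specific.connector.test.utils;

import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;

import java.io.IOException;
import java.io.InputStream;
import java.security.PublicKey;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

import javax.xml.transform.TransformerException;

import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.RandomUtils;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.opensaml.core.config.InitializationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.i18n.LocaleContextHolder;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.w3c.dom.Element;

import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;

/**
 * Spring-backed JUnit 4 tests for {@link AuthenticationDataBuilder}.
 *
 * <p>The two tests pin which identity attributes end up in the {@link IAuthData} that is built
 * from a pending request:
 * <ul>
 *   <li>{@link #eidMode()}: E-ID process flag set. The AuthBlock, the eIDAS binding and the PII
 *       transaction id are passed through, and every directly identifying attribute (bPK, name,
 *       date of birth, baseId, identity link) must be {@code null}.</li>
 *   <li>{@link #moaIdMode()}: E-ID process flag cleared. Attributes are taken from the identity
 *       link, and AuthBlock, eIDAS binding and PII transaction id must be {@code null}.</li>
 * </ul>
 *
 * <p>The {@code assertNull} checks are the security-relevant part of this class: they are what
 * detects a regression that would release person data in a mode where it is not expected.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({
    "/applicationContext.xml",
    "/spring/SpringTest_connector.beans.xml",
    "/eaaf_core.beans.xml",
    "/eaaf_pvp.beans.xml",
    "/eaaf_pvp_idp.beans.xml",
    "/spring/SpringTest-context_simple_storage.xml" })
@ActiveProfiles(profiles = {"deprecatedConfig"})
@WebAppConfiguration
public class AuthenticationDataBuilderTest {

  @Autowired
  private AuthenticationDataBuilder authenticationDataBuilder;

  @Autowired(required = true)
  private IConfiguration basicConfig;

  private MockHttpServletRequest httpReq;
  private MockHttpServletResponse httpResp;
  private TestRequestImpl pendingReq;

  private DummySpConfiguration oaParam;

  // Random per-test values that are stored into the session and must reappear unchanged.
  private String eidasBind;
  private String authBlock;

  /**
   * Points the connector at the JUnit configuration file and initializes OpenSAML once for the
   * whole class.
   *
   * @throws InitializationException declared for the OpenSAML initializer call
   * @throws ComponentInitializationException declared for the OpenSAML initializer call
   */
  @BeforeClass
  public static void classInitializer() throws InitializationException,
      ComponentInitializationException {
    // The system property is JVM-wide, so it also affects any test class that runs afterwards.
    final String current = new java.io.File(".").toURI().toString();
    System.setProperty("eidas.ms.configuration",
        current + "src/test/resources/config/junit_config_3.properties");

    EaafOpenSaml3xInitializer.eaafInitialize();

  }

  /**
   * Builds a fresh mock HTTP context and a pending request with random session data.
   *
   * @throws EaafStorageException declared for the session-data setters
   */
  @Before
  public void initialize() throws EaafStorageException {
    httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
    httpResp = new MockHttpServletResponse();
    RequestContextHolder.resetRequestAttributes();
    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));

    // Typed map instead of a raw Map: every key and value stored here is a String.
    final Map<String, String> spConfig = new HashMap<>();
    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
    oaParam = new DummySpConfiguration(spConfig, basicConfig);

    pendingReq = new TestRequestImpl();
    pendingReq.setAuthUrl("https://localhost/ms_connector");
    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
    pendingReq.setSpConfig(oaParam);

    authBlock = RandomStringUtils.randomAlphanumeric(20);
    eidasBind = RandomStringUtils.randomAlphanumeric(20);

    final AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
    session.setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock);
    session.setGenericDataToSession(Constants.EIDAS_BIND, eidasBind);
    session.setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5));
    session.setGenericDataToSession(
        PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
        RandomStringUtils.randomAlphabetic(2));

    LocaleContextHolder.resetLocaleContext();

  }

  /**
   * E-ID process: AuthBlock, eIDAS binding, PII transaction id, LoA and issuing nation are passed
   * through, while no directly identifying attribute may be present in the result.
   *
   * @throws EaafAuthenticationException if the builder under test fails
   */
  @Test
  public void eidMode() throws EaafAuthenticationException {
    // initialize state
    // NOTE(review): the flag is random, so a single run covers only one of the two branches.
    final boolean isTestIdentity = RandomUtils.nextBoolean();
    pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);

    // execute
    final IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);

    // validate state
    Assert.assertNotNull("AuthData null", authData);
    Assert.assertNotNull("authBlock null",
        authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class));
    Assert.assertNotNull("eidasBind null",
        authData.getGenericData(Constants.EIDAS_BIND, String.class));
    Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
    Assert.assertEquals("testIdentity flag",
        isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY
            : EidIdentityStatusLevelValues.IDENTITY,
        ((EidAuthenticationData) authData).getEidStatus());

    // Local names differ from the fields on purpose, so expected and actual cannot be mixed up.
    final String builtAuthBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
    final String builtEidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);

    Assert.assertEquals("authBlock not equal", this.authBlock, builtAuthBlock);
    Assert.assertEquals("eidasBind not equal", this.eidasBind, builtEidasBind);
    Assert.assertEquals("piiTransactionId",
        authData.getGenericData(
            ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class),
        this.pendingReq.getUniquePiiTransactionIdentifier());
    Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo());
    Assert.assertEquals("LoA",
        pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(),
        authData.getEidasQaaLevel());
    Assert.assertEquals("EID-ISSUING-NATION",
        pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(
            PvpAttributeDefinitions.EID_ISSUING_NATION_NAME),
        authData.getCiticenCountryCode());

    // Data-minimisation checks: none of these person attributes may be set in E-ID mode.
    Assert.assertNull("bPK", authData.getBpk());
    Assert.assertNull("bPKType", authData.getBpkType());
    Assert.assertNull("FamilyName", authData.getFamilyName());
    Assert.assertNull("GivenName", authData.getGivenName());
    Assert.assertNull("DateOfBirth", authData.getDateOfBirth());
    Assert.assertNull("baseId", authData.getIdentificationValue());
    Assert.assertNull("baseIdType", authData.getIdentificationType());
    Assert.assertNull("IDL", authData.getIdentityLink());

  }

  /**
   * Non-E-ID process with an identity link in the session: name, date of birth and the
   * area-specific bPK come from the identity link, while the E-ID-only values (AuthBlock, eIDAS
   * binding, PII transaction id) must be absent.
   *
   * @throws EaafAuthenticationException if the builder under test fails
   * @throws EaafBuilderException if the expected bPK cannot be calculated
   */
  @Test
  public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
    // initialize state
    // NOTE(review): the flag is random, so a single run covers only one of the two branches.
    final boolean isTestIdentity = RandomUtils.nextBoolean();
    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);
    pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);

    final IIdentityLink idl = buildDummyIdl();
    pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);

    // execute
    final IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);

    // validate state
    Assert.assertNotNull("AuthData null", authData);

    // The session still holds AuthBlock and eIDAS binding (see initialize()); they must not be
    // copied into the result when the E-ID process flag is cleared.
    Assert.assertNull("authBlock null",
        authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class));
    Assert.assertNull("eidasBind null",
        authData.getGenericData(Constants.EIDAS_BIND, String.class));
    Assert.assertNull("piiTransactionId",
        authData.getGenericData(
            ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class));

    Assert.assertEquals("testIdentity flag",
        isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY
            : EidIdentityStatusLevelValues.IDENTITY,
        ((EidAuthenticationData) authData).getEidStatus());

    Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo());
    Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
    Assert.assertEquals("LoA",
        pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(),
        authData.getEidasQaaLevel());
    Assert.assertEquals("EID-ISSUING-NATION",
        pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(
            PvpAttributeDefinitions.EID_ISSUING_NATION_NAME),
        authData.getCiticenCountryCode());

    Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName());
    Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName());
    Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getDateOfBirth());

    // The expected bPK is recomputed from the dummy baseId for the "XX" target area.
    Assert.assertEquals("bPK",
        BpkBuilder.generateAreaSpecificPersonIdentifier(
            idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(),
        authData.getBpk());
    Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "XX", authData.getBpkType());
    Assert.assertNotNull("IDL", authData.getIdentityLink());

  }

  /**
   * Creates an in-memory identity link with random person data.
   *
   * <p>Only the getters that return a value below are backed by data; all setters are no-ops and
   * the remaining getters return {@code null}.
   *
   * @return dummy identity link for {@link #moaIdMode()}
   */
  private IIdentityLink buildDummyIdl() {
    return new IIdentityLink() {

      private final String familyName = RandomStringUtils.randomAlphabetic(10);
      private final String givenName = RandomStringUtils.randomAlphabetic(10);
      private final String dateOfBirth = "1955-02-03";
      private final String baseId = RandomStringUtils.randomAlphanumeric(20);
      // Random text, not a real SAML assertion; it is unrelated to getSamlAssertion().
      private final String saml2Serialized = RandomStringUtils.randomAlphanumeric(150);

      @Override
      public void setSamlAssertion(Element arg0) throws TransformerException, IOException {
        // not needed by this dummy
      }

      @Override
      public void setPublicKey(PublicKey[] arg0) {
        // not needed by this dummy
      }

      @Override
      public void setPrPerson(Element arg0) {
        // not needed by this dummy
      }

      @Override
      public void setIssueInstant(String arg0) {
        // not needed by this dummy
      }

      @Override
      public void setIdentificationValue(String arg0) {
        // not needed by this dummy
      }

      @Override
      public void setIdentificationType(String arg0) {
        // not needed by this dummy
      }

      @Override
      public void setGivenName(String arg0) {
        // not needed by this dummy
      }

      @Override
      public void setFamilyName(String arg0) {
        // not needed by this dummy
      }

      @Override
      public void setDsigReferenceTransforms(Element[] arg0) {
        // not needed by this dummy
      }

      @Override
      public void setDateOfBirth(String arg0) {
        // not needed by this dummy
      }

      @Override
      public String getSerializedSamlAssertion() {
        return this.saml2Serialized;
      }

      /**
       * Returns the SAML assertion parsed from the classpath fixture
       * {@code /data/test_idl_1.xml}.
       *
       * @throws IllegalStateException if the fixture is missing or cannot be parsed, so that a
       *     broken fixture fails the test instead of handing {@code null} to the code under test
       */
      @Override
      public Element getSamlAssertion() {
        // try-with-resources closes the fixture stream, which was left open before.
        try (InputStream idlXml =
            AuthenticationDataBuilderTest.class.getResourceAsStream("/data/test_idl_1.xml")) {
          if (idlXml == null) {
            throw new IllegalStateException("Test identity-link '/data/test_idl_1.xml' not found");
          }
          final IIdentityLink fullIdl =
              new SimpleIdentityLinkAssertionParser(idlXml).parseIdentityLink();
          return fullIdl.getSamlAssertion();

        } catch (EaafParserException | IOException e) {
          throw new IllegalStateException(
              "Can not parse test identity-link '/data/test_idl_1.xml'", e);

        }
      }

      @Override
      public PublicKey[] getPublicKey() {
        // not provided by this dummy
        return null;
      }

      @Override
      public Element getPrPerson() {
        // not provided by this dummy
        return null;
      }

      @Override
      public String getName() {
        // not provided by this dummy
        return null;
      }

      @Override
      public Date getIssueInstantDate() {
        // not provided by this dummy
        return null;
      }

      @Override
      public String getIssueInstant() {
        // not provided by this dummy
        return null;
      }

      @Override
      public String getIdentificationValue() {
        return this.baseId;
      }

      @Override
      public String getIdentificationType() {
        return EaafConstants.URN_PREFIX_BASEID;
      }

      @Override
      public String getGivenName() {
        return this.givenName;
      }

      @Override
      public String getFamilyName() {
        return this.familyName;
      }

      @Override
      public Element[] getDsigReferenceTransforms() {
        // not provided by this dummy
        return null;
      }

      @Override
      public String getDateOfBirth() {
        return this.dateOfBirth;
      }
    };
  }

}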