package at.gv.egovernment.moa.id.auth.builder;

import java.io.ByteArrayInputStream;
import java.io.InputStream;

import org.w3c.dom.Element;

import at.gv.egovernment.moa.id.*;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.XPathUtils;

/**
 * Builder for the <code>&lt;VerifyXMLSignatureRequestBuilder&gt;</code> structure
 * used for sending the DSIG-Signature of the Security Layer card for validating to MOA-SP.
 * 
 * @author Stefan Knirsch
 * @version $Id$
 */
public class VerifyXMLSignatureRequestBuilder {
  /** The MOA-Prefix */
  private static final String MOA = Constants.MOA_PREFIX + ":";
  /** the request as string */
  private String request;
  /** the request as DOM-Element */
  private Element reqElem;

  /**
   * Constructor for VerifyXMLSignatureRequestBuilder.
   */
  public VerifyXMLSignatureRequestBuilder() {}
  /**
   * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
   * from an IdentityLink with a known trustProfileID which 
   * has to exist in MOA-SP
   * @param idl - The IdentityLink
   * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
   * @return Element - The complete request as Dom-Element
   * @throws ParseException
   */
  public Element build(IdentityLink idl, String trustProfileID) throws ParseException
     { //samlAssertionObject
      request =
        "<?xml version='1.0' encoding='UTF-8' ?>"
          + "<VerifyXMLSignatureRequest xmlns=\"http://reference.e-government.gv.at/namespace/moa/20020822#\" xmlns:xml=\"http://www.w3.org/XML/1998/namespace\" xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">"
          + "  <VerifySignatureInfo>"
          + "    <VerifySignatureEnvironment>"
          + "      <XMLContent xml:space=\"preserve\"/>"
          + "    </VerifySignatureEnvironment>"
          + "    <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>"
          + "  </VerifySignatureInfo>"
          + "  <SignatureManifestCheckParams ReturnReferenceInputData=\"false\">" // True bei CreateXMLSig Überprüfung
    +"     <ReferenceInfo>" + "     <VerifyTransformsInfoProfile/>"
    // Profile ID für create    (alle auslesen aus IDCOnfig VerifyAuthBlock)
  +"     </ReferenceInfo>" + "  </SignatureManifestCheckParams>"

      // Testweise ReturnReferenceInputData = False

  +"  <ReturnHashInputData/>"
    + "  <TrustProfileID>"
    + trustProfileID
    + "</TrustProfileID>"
    + "</VerifyXMLSignatureRequest>";

  try {
      InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8"));
      reqElem = DOMUtils.parseXmlValidating(s);

      String CONTENT_XPATH =
        "//"
          + MOA
          + "VerifyXMLSignatureRequest/"
          + MOA
          + "VerifySignatureInfo/"
          + MOA
          + "VerifySignatureEnvironment/"
          + MOA
          + "XMLContent";

      Element insertTo =
        (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH);
      insertTo.appendChild(
        insertTo.getOwnerDocument().importNode(idl.getSamlAssertion(), true));

     String SIGN_MANI_CHECK_PARAMS_XPATH =
        "//"
          + MOA
          + "VerifyXMLSignatureRequest/"
          + MOA
          + "SignatureManifestCheckParams";
      insertTo =
        (Element) XPathUtils.selectSingleNode(
          reqElem,
          SIGN_MANI_CHECK_PARAMS_XPATH);
      insertTo.removeChild(
        (Element) XPathUtils.selectSingleNode(
          reqElem,
          SIGN_MANI_CHECK_PARAMS_XPATH + "/" + MOA + "ReferenceInfo"));
      Element[] dsigTransforms = idl.getDsigReferenceTransforms();
      for (int i = 0; i < 1; i++) //dsigTransforms.length; i++)  
        {
        Element refInfo =
          insertTo.getOwnerDocument().createElementNS(
            Constants.MOA_NS_URI,
            "ReferenceInfo");
        insertTo.appendChild(refInfo);
        Element verifyTransformsInfoProfile =
          insertTo.getOwnerDocument().createElementNS(
            Constants.MOA_NS_URI,
            "VerifyTransformsInfoProfile");
        refInfo.appendChild(verifyTransformsInfoProfile);
        verifyTransformsInfoProfile.appendChild(
          insertTo.getOwnerDocument().importNode(dsigTransforms[i], true));
      }
   }
  catch (Throwable t) {
    throw new ParseException( //"VerifyXMLSignatureRequest (IdentityLink)");
        "builder.00",
        new Object[] { "VerifyXMLSignatureRequest (IdentityLink)" },
        t);
  }

    return reqElem;
  }

 /**
  * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
  * from an IdentityLink with a known trustProfileID which 
  * has to exist in MOA-SP
  * @param idl - The IdentityLink
  * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
  * @return Element - The complete request as Dom-Element
  * @throws ParseException
  */
  public Element build(
    CreateXMLSignatureResponse csr,
    String[] verifyTransformsInfoProfileID,
    String trustProfileID)
    throws ParseException { //samlAssertionObject
    request =
          "<?xml version='1.0' encoding='UTF-8' ?>"
        + "<VerifyXMLSignatureRequest xmlns=\"http://reference.e-government.gv.at/namespace/moa/20020822#\" xmlns:xml=\"http://www.w3.org/XML/1998/namespace\" xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">"
        + "  <VerifySignatureInfo>"
        + "    <VerifySignatureEnvironment>"
        + "      <XMLContent xml:space=\"preserve\"/>"
        + "    </VerifySignatureEnvironment>"
        + "    <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>"
        + "  </VerifySignatureInfo>"
       + "  <SignatureManifestCheckParams ReturnReferenceInputData=\"true\">"
        + "     <ReferenceInfo>";
    
    for (int i = 0; i < verifyTransformsInfoProfileID.length; i++) {
     request += "     <VerifyTransformsInfoProfileID>" + 
                verifyTransformsInfoProfileID[i] + 
                "</VerifyTransformsInfoProfileID>";
      // Profile ID für create    (auslesen aus IDCOnfig VerifyAuthBlock ODER per String übergeben....)
                
    }

    request +=  "     </ReferenceInfo>"
              + "  </SignatureManifestCheckParams>"
            // Testweise ReturnReferenceInputData = False
              +"  <ReturnHashInputData/>"
              + "  <TrustProfileID>"
              + trustProfileID
              + "</TrustProfileID>"
              + "</VerifyXMLSignatureRequest>";

    try {
      // Build a DOM-Tree of the obove String
      InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8"));
      reqElem = DOMUtils.parseXmlValidating(s);
      //Insert the SAML-Assertion-Object
      String CONTENT_XPATH =
        "//"
          + MOA
          + "VerifyXMLSignatureRequest/"
          + MOA
          + "VerifySignatureInfo/"
          + MOA
          + "VerifySignatureEnvironment/"
          + MOA
          + "XMLContent";

      Element insertTo =
        (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH);
      insertTo.appendChild(
        insertTo.getOwnerDocument().importNode(csr.getSamlAssertion(), true));

    }
    catch (Throwable t) {
      throw new ParseException(
        "builder.00",
        new Object[] { "VerifyXMLSignatureRequest" },
        t);
    }

    return reqElem;
  }

}