package at.gv.egovernment.moa.id.proxy;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.Vector;

import javax.net.ssl.SSLSocketFactory;
import javax.servlet.http.HttpServletRequest;

import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.BoolUtils;

import com.sun.net.ssl.HostnameVerifier;
import com.sun.net.ssl.HttpsURLConnection;

/**
 * Defaultimplementierung von <code>ConnectionBuilder</code>.
 * @author Paul Ivancsics
 * @version $Id$
 */
public class DefaultConnectionBuilder implements ConnectionBuilder {
  
  /** a boolean to disable the HostnameVerification (default = false)*/
  private static boolean cbDisableHostnameVerification = false;

  /**
   * Constructor for DefaultConnectionBuilder.
   * @throws ConfigurationException on any config error
   */
  public DefaultConnectionBuilder() throws ConfigurationException {
    cbDisableHostnameVerification = BoolUtils.valueOf(
      ProxyConfigurationProvider.getInstance().getGenericConfigurationParameter(
        "ProxyComponent.DisableHostnameVerification"));
      //TODO MOA-ID BRZ undocumented feature
    if (cbDisableHostnameVerification)
      Logger.warn("ProxyComponent.DisableHostnameVerification: " + cbDisableHostnameVerification);
  }

  /**
   * @see at.gv.egovernment.moa.id.proxy.ConnectionBuilder#buildConnection
   */
  public HttpURLConnection buildConnection(
    HttpServletRequest req,
    String publicURLPrefix,
    String realURLPrefix,
    SSLSocketFactory sslSocketFactory,
    Vector parameters)
    throws IOException {

    String requestedURL = req.getRequestURL().toString();
    // check whether requested URL starts with publicURLPrefix

    //Temporary allow http:// urls instead of the https:// in publicURLPrefix
    //if (req.getSession().getAttribute("authorizationkey")==null) {
    //  if (! requestedURL.startsWith(publicURLPrefix))
    //    throw new IOException(MOAIDMessageProvider.getInstance().getMessage(
    //    "proxy.01", new Object[] {requestedURL, publicURLPrefix}));
    //}
    
    // in case of GET request, append query string to requested URL;
    // otherwise, HttpURLConnection would perform a POST request
    if ("get".equalsIgnoreCase(req.getMethod()) && ! parameters.isEmpty()) {
      requestedURL = appendQueryString(requestedURL, parameters);
    }
    // build real URL in online application
    String realURLString = realURLPrefix + requestedURL.substring(publicURLPrefix.length());
    URL url = new URL(realURLString);
    Logger.debug("OA Request: " + req.getMethod() + " " + url.toString());

    HttpURLConnection conn = (HttpURLConnection)url.openConnection();
    conn.setRequestMethod(req.getMethod());
    conn.setDoInput(true);
    conn.setDoOutput(true);
    //conn.setUseCaches(false);
    //conn.setAllowUserInteraction(true);
    conn.setInstanceFollowRedirects(false);
    if (conn instanceof HttpsURLConnection && sslSocketFactory != null) {
      HttpsURLConnection httpsConn = (HttpsURLConnection) conn;
      httpsConn.setSSLSocketFactory(sslSocketFactory);
      if (cbDisableHostnameVerification)
        httpsConn.setHostnameVerifier(new HostnameNonVerifier());
    }
    return conn;
  }
  
  
  /**
   * Disconnects the HttpURLConnection if necessary.
   * The implementation of the Connectionbuilder decides wether 
   * if this should be happen or not.
   *
   * @param con the HttpURLConnection which is normaly to be closed
   */
  public void disconnect(HttpURLConnection conn) {
  	conn.disconnect();
  }


  /**
   * @param requestedURL
   * @param parameters
   * @return
   */
  private String appendQueryString(String requestedURL, Vector parameters) {
    String newURL = requestedURL;
    String parameter[] = new String[2];
    String paramValue ="";
    String paramName ="";
    String paramString ="";
    for (Iterator iter = parameters.iterator(); iter.hasNext();) {
      try {
      	parameter = (String[]) iter.next();   	
      	//next two lines work not with OWA-SSL-Login-form
        paramName = URLEncoder.encode((String) parameter[0], "UTF-8");
        paramValue = URLEncoder.encode((String) parameter[1], "UTF-8");

      } catch (UnsupportedEncodingException e) {
   		//UTF-8 should be supported
      }
      paramString = "&" + paramName + "=" + paramValue + paramString;
    } 	
    if (paramString.length()>0) newURL = newURL + "?" + paramString.substring(1);
    return newURL;
  }

  /**
     * @author Stefan Knirsch
     * @version $Id$
     * A private class to change the standard HostName verifier to disable the
     * Hostname Verification Check
     */
  private class HostnameNonVerifier implements HostnameVerifier {
    
    /**
     * @see com.sun.net.ssl.HostnameVerifier#verify(String, String)
     */
    public boolean verify(String arg0, String arg1) {
      return true;
    }
  }

}