package at.gv.egovernment.moa.id.proxy;

import iaik.pki.PKIException;
import iaik.pki.jsse.IAIKX509TrustManager;

import java.io.IOException;
import java.security.GeneralSecurityException;

import javax.net.ssl.SSLSocketFactory;

import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.logging.Logger;

/**
 * Web application initializer
 * 
 * @author Paul Ivancsics
 * @version $Id$
 */
public class MOAIDProxyInitializer {

  /**
   * Initializes the web application components which need initialization: 
   * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
   */
  public static void initialize() 
    throws ConfigurationException, IOException, GeneralSecurityException, PKIException {
      
    Logger.setHierarchy("moa.id.proxy");
    
    // Restricts TLS cipher suites
    System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
        
    // load some jsse classes so that the integrity of the jars can be verified
    // before the iaik jce is installed as the security provider
    // this workaround is only needed when sun jsse is used in conjunction with
    // iaik-jce (on jdk1.3)
    ClassLoader cl = MOAIDProxyInitializer.class.getClassLoader();
    try {
      cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar
    } 
    catch (ClassNotFoundException e) {
      Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e);
    }

    // Initializes the SSLSocketFactory store
    SSLUtils.initialize();

    // Initializes IAIKX509TrustManager logging
    String log4jConfigURL = System.getProperty("log4j.configuration");
    if (log4jConfigURL != null) {
      IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
    }
    
    // Loads the configuration
    ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.reload();

    // Initializes the Axis secure socket factory for use in calling the MOA-Auth web service,
    // using configuration data
    ConnectionParameter connParamAuth = proxyConf.getAuthComponentConnectionParameter();
    if (connParamAuth.isHTTPSURL()) {
      SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(proxyConf, connParamAuth);
      AxisSecureSocketFactory.initialize(ssf);
    }
    
    // Initializes the Axis secure socket factories for use in calling the online applications,
    // using configuration data
    OAProxyParameter[] oaParams = proxyConf.getOnlineApplicationParameters();
    for (int i = 0; i < oaParams.length; i++) {
      OAProxyParameter oaParam = oaParams[i];
      ConnectionParameter oaConnParam = oaParam.getConnectionParameter();
      if (oaConnParam.isHTTPSURL())
        SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam);
    }
    
    // Initializes the ConnectionBuilderFactory from configuration data
    ConnectionBuilderFactory.initialize();

    // Initializes the LoginParameterResolverFactory from configuration data
    LoginParameterResolverFactory.initialize();
    
  }
  
}