package at.gv.egovernment.moa.id.configuration.validation.moaconfig;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

import org.apache.log4j.Logger;

import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;

public class StorkConfigValidator {

	private static final Logger log = Logger.getLogger(StorkConfigValidator.class);

	public List<String> validate(GeneralStorkConfig form, HttpServletRequest request) {

		List<String> errors = new ArrayList<String>();

		log.debug("Validate general STORK configuration");

		// check peps list
		
//		if (form.getCpepslist() != null) {
//			for(CPEPS current : form.getCpepslist()) {
		if (form.getRawCPEPSList() != null) {
			for(CPEPS current : form.getRawCPEPSList()) {
				// if an existing record got deleted
				if(null == current)
					continue;
				
				// check country code
				String check = current.getCountryCode();
				if (MiscUtil.isNotEmpty(check)) {
					if (ValidationHelper.containsNotValidCharacter(check, false)) {
						log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
						errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
								new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
					}
					if(!check.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) {
							log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
							errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
									new Object[] {check}, request ));
					}
					
					// check url
					check = current.getURL();
					if (MiscUtil.isNotEmpty(check)) {
						if (!ValidationHelper.validateURL(check)) {
							log.info("CPEPS config URL is invalid : " + check);
							errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request));
						}
					} else {
						log.warn("CPEPS config url is empty : " + check);
						errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
								new Object[] {check}, request ));
					}
					
				} else {
					log.warn("CPEPS config countrycode is empty : " + check);
//					errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
//							new Object[] {check}, request ));
				}

			}

			if (form.getCpepslist() != null) {
				// ensure uniqueness of country code
				for (CPEPS one : form.getCpepslist())
					for (CPEPS another : form.getCpepslist())
						if (null != one && null != another && one.getCountryCode() != null)
							if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) {
								errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request));
								break;
							}
			}
		}

		// check qaa
		String qaa = form.getDefaultQaa();
		if (!MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) {
			log.warn("eIDAS LoA is not allowed : " + qaa);
			errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
					new Object[] {qaa}, request ));
		}

		// check attributes
		if (MiscUtil.isNotEmpty(form.getAttributes())) {
			for(StorkAttribute check : form.getAttributes()) {
				if (check != null && MiscUtil.isNotEmpty(check.getName())) {
					String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
					if (ValidationHelper.containsNotValidCharacter(tmp, true)) { 
						log.warn("default attributes contains potentail XSS characters: " + check);
						errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
								new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
					}
					if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) {
							log.warn("default attributes do not match the requested format : " + check);
							errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
									new Object[] {check}, request ));
					}
					
				} 
			}
			
		//TODO: STORK attributes check if no attribute is set	
//		} else {
//			log.warn("no attributes specified");
//			errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty",
//					new Object[] {} ));
		}

		return errors;
	}
}