/*******************************************************************************
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;

public class OAOAUTH20ConfigValidation {
	
	private static final Logger log = Logger.getLogger(OAOAUTH20ConfigValidation.class);
	
	public List<String> validate(OAOAuth20Config form, HttpServletRequest request) {
		
		List<String> errors = new ArrayList<String>();
		
		// validate secret
//		if (StringUtils.isEmpty(form.getClientSecret())) {
//			errors.add(LanguageHelper.getErrorString("error.oa.oauth.clientSecret"));
//		}
		
		// validate redirectUri
		if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) {
			errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request));
		}
		
		return errors;
	}
}