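/*******************************************************************************
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 ******************************************************************************/
/*
 * Copyright 2003 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */

package at.gv.egovernment.moa.id.auth.invoke;

import javax.xml.namespace.QName;

import org.w3c.dom.Document;
import org.w3c.dom.Element;

import at.gv.egovernment.moa.id.auth.exception.ServiceException;
import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
import at.gv.egovernment.moaspss.logging.Logger;

/**
 * Invoker of the MOA-SPSS signature verification.
 *
 * <p>Verification always goes through the MOA-SPSS API
 * ({@link SignatureVerificationService}). The former web-service code path, which read a
 * MOA-SP connection URL from the configuration, is no longer part of this class, so no
 * configuration value can redirect verification to a remote endpoint.
 *
 * <p>NOTE(review): the methods below return the verification response as delivered by
 * MOA-SPSS and only turn exceptions into {@link ServiceException}. Presumably the caller
 * still has to evaluate the check results inside the response before trusting a signature;
 * confirm against the callers.
 *
 * @author Stefan Knirsch
 * @version $Id$
 */
public class SignatureVerificationInvoker {

  /** Lazily created singleton; only accessed through {@link #getInstance()}. */
  private static SignatureVerificationInvoker instance = null;

  /** MOA-SPSS verification API, obtained once in the constructor. */
  private final SignatureVerificationService svs;

  /** This QName Object identifies the SignatureVerification endpoint of the web service */
  private static final QName SERVICE_QNAME = new QName("SignatureVerification");

  /**
   * Returns the shared invoker, creating it on first use.
   *
   * <p>The method is {@code synchronized} so that concurrent first calls cannot create two
   * invokers or hand out a reference whose {@code svs} field is not yet visible to the
   * calling thread.
   *
   * @return the singleton instance
   */
  public static synchronized SignatureVerificationInvoker getInstance() {
    if (instance == null) {
      instance = new SignatureVerificationInvoker();
    }
    return instance;
  }

  /** Binds this invoker to the MOA-SPSS signature verification API. */
  private SignatureVerificationInvoker() {
    svs = SignatureVerificationService.getInstance();
  }

  /**
   * Verifies a CMS signature through the MOA-SPSS API.
   *
   * @param cmsSigVerifyReq the verification request
   * @return the verification response produced by MOA-SPSS
   * @throws ServiceException with message id {@code service.03} if MOA-SPSS throws a
   *         {@link MOAException}; the original exception is kept as the cause
   */
  public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest cmsSigVerifyReq)
      throws ServiceException {
    try {
      return svs.verifyCMSSignature(cmsSigVerifyReq);

    } catch (MOAException e) {
      Logger.warn("CMS signature verification has an error.", e);
      throw new ServiceException("service.03", new Object[] { e.toString()}, e);
    }
  }

  /**
   * Verifies an XML signature.
   *
   * @param request the {@code VerifyXMLSignatureRequest} as DOM element
   * @return the document element of the serialized verification response
   * @throws ServiceException if an error occurs
   */
  public Element verifyXMLSignature(Element request) throws ServiceException {
    return doCall(SERVICE_QNAME, request);
  }

  /**
   * Parses the request, runs the verification through the MOA-SPSS API and serializes the
   * response back into a DOM element.
   *
   * @param serviceName the name of the service; kept for interface compatibility, it is not
   *        used since the web-service code path was removed
   * @param request the request to be processed
   * @return the document element of the response built from the verification result
   * @throws ServiceException with message id {@code service.03} if parsing, verification or
   *         response building fails; the original exception is kept as the cause
   */
  protected Element doCall(QName serviceName, Element request) throws ServiceException {
    try {
      VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request);
      VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
      Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
      return result.getDocumentElement();

    } catch (Exception ex) {
      // The "service.00" branch of the original depended on a connection parameter that
      // was always null here, so every failure has been reported as "service.03".
      // NOTE(review): ex.toString() becomes a message parameter; check that the rendered
      // message is not shown verbatim to end users.
      throw new ServiceException("service.03", new Object[] { ex.toString()}, ex);
    }
  }
}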