/*******************************************************************************
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 * 
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 * 
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 ******************************************************************************/
package at.gv.egovernment.moa.id.auth.servlet;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;

import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringEscapeUtils;

import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;

public class GenerateIFrameTemplateServlet extends AuthServlet {

	private static final long serialVersionUID = 1L;

	public void init(ServletConfig servletConfig) throws ServletException {
		    try {
		      super.init(servletConfig);
		      MOAIDAuthInitializer.initialize();
		      Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding"));
		      Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null));
		    }
		    catch (Exception ex) {
		      Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex);
		      throw new ServletException(ex);
		    }
		  }
	  
	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
			throws ServletException, IOException {
		Logger.info("Receive " + GenerateIFrameTemplateServlet.class + " Request");

    	String pendingRequestID = null;
		
	    try {
	    	String bkuid = req.getParameter(PARAM_BKU);
	    	String useMandate = req.getParameter(PARAM_USEMANDATE);
	    	String ccc = req.getParameter(PARAM_CCC);
	    	String moasessionid = req.getParameter(PARAM_SESSIONID);
	    		    	
	    	moasessionid = StringEscapeUtils.escapeHtml(moasessionid);
	    	
	    	AuthenticationSession moasession = null;

	    	if (MiscUtil.isEmpty(bkuid) || MiscUtil.isEmpty(moasessionid)) {
	    		Logger.warn("MOASessionID or BKU-type is empty. Maybe an old BKU-selection template is in use.");
	    		throw new MOAIDException("auth.23", new Object[] {});
	    	}
	    	
	    	try {	    		
	    	    pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);
			
	    	    moasession = AuthenticationSessionStoreage.getSession(moasessionid);
	    	    
	    	    AuthenticationSessionStoreage.changeSessionID(moasession);
			
			} catch (MOADatabaseException e) {
				Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database");
				throw new MOAIDException("init.04", new Object[] {
						moasessionid});
				
			} catch (Throwable e) {
				Logger.info("No HTTP Session found!");
				throw new MOAIDException("auth.18", new Object[] {});
			}
	    	
	    	//load OA Config
			OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
					.getOnlineApplicationParameter(moasession.getOAURLRequested());
			
			if (oaParam == null)
				throw new AuthenticationException("auth.00", new Object[] { moasession.getOAURLRequested() });
			
			else {
	    	
				//load Parameters from config
		    	String target = oaParam.getTarget();
		    	
		    	String bkuURL = oaParam.getBKUURL(bkuid);
		    	if (MiscUtil.isEmpty(bkuURL)) {
		    		Logger.info("No OA specific BKU defined. Use BKU from default configuration");
		    		bkuURL = AuthConfigurationProvider.getInstance().getDefaultBKUURL(bkuid);
		    	}
		    	
		    	//search for OA specific template
		    	String templateURL = null;
		    	List<TemplateType> oaTemplateURLList = oaParam.getTemplateURL();
		    	if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0
		    			&& MiscUtil.isNotEmpty(oaTemplateURLList.get(0).getURL()) ) {
		    		templateURL = oaTemplateURLList.get(0).getURL();
		    		
		    	} else {		    	
		    		templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid);
		    	}
		    	
		    	//make url absolut if it is a local url
	    		if (MiscUtil.isNotEmpty(templateURL))
	    			templateURL = FileUtils.makeAbsoluteURL(templateURL, 
	    					AuthConfigurationProvider.getInstance().getRootConfigFileDir());
		    	
		    	if (oaParam.isOnlyMandateAllowed()) 
		    		useMandate = "true";
		    	
		    	if (!oaParam.isShowMandateCheckBox())
		    		useMandate = "false";
		    	
		    	//parse all OA parameters i
		    	StartAuthentificationParameterParser.parse(moasession, 
		    											   target, 
		    											   moasession.getOAURLRequested(),
		    											   bkuURL,
		    											   templateURL,
		    											   useMandate,
		    											   ccc, 
		    											   moasession.getModul(),
		    											   moasession.getAction(),
		    											   req);
			}
			
		    StartAuthenticationBuilder startauth = StartAuthenticationBuilder.getInstance();			
		    String getIdentityLinkForm = startauth.build(moasession, req, resp);
			
			//store MOASession
			try {
				AuthenticationSessionStoreage.storeSession(moasession);
				
			} catch (MOADatabaseException e) {
				Logger.error("Database Error! MOASession is not stored!");
				throw new MOAIDException("init.04", new Object[] {
						moasession.getSessionID()});
			}
		    
		    if (!StringUtils.isEmpty(getIdentityLinkForm)) {
		    	resp.setContentType("text/html;charset=UTF-8");
		    	PrintWriter out = new PrintWriter(resp.getOutputStream());
		    	out.print(getIdentityLinkForm);
		    	out.flush();
		    	Logger.debug("Finished GET "+GenerateIFrameTemplateServlet.class);
		    }
	    } 
	    catch (WrongParametersException ex) {
	    	handleWrongParameters(ex, req, resp);
	    }
	          
	    catch (MOAIDException ex) {
	    	handleError(null, ex, req, resp, pendingRequestID);
	    }
	    
	    finally {
	    	ConfigurationDBUtils.closeSession();
	    }
	}
}