/*
 * Copyright 2003 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */


package at.gv.egovernment.moa.id.auth.servlet;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;

import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.swing.text.StyleContext.SmallAttributeSet;

import org.apache.commons.lang.StringEscapeUtils;
import org.opensaml.saml2.metadata.RequestedAttribute;

import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.config.stork.CPEPS;
import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;
import eu.stork.mw.messages.saml.STORKAuthnRequest;
import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
import eu.stork.vidp.messages.exception.SAMLException;
import eu.stork.vidp.messages.exception.SAMLValidationException;
import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
import eu.stork.vidp.messages.stork.RequestedAttributes;

public class LogOutServlet extends AuthServlet {

	private static final long serialVersionUID = 3908001651893673395L;

	private static final String REDIRECT_URL = "redirect";
	
  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {

	Logger.debug("receive LogOut Request");  

	String redirectUrl = (String) req.getParameter(REDIRECT_URL);
	
	SSOManager ssomanager = SSOManager.getInstance();
	
	try {
		//get SSO token from request
		String ssoid = ssomanager.getSSOSessionID(req);
		
		if (ssomanager.isValidSSOSession(ssoid, req)) {
	
			//TODO: Single LogOut Implementation
	
			//delete SSO session and MOA session
			AuthenticationManager authmanager = AuthenticationManager.getInstance();
			String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid);
	
			RequestStorage.removePendingRequest(RequestStorage.getPendingRequest(req.getSession()), 
					AuthenticationSessionStoreage.getPendingRequestID(moasessionid));
			
			authmanager.logout(req, resp, moasessionid);
			Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl);
		} else {
			Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl);
		}
		
		//Remove SSO token
		ssomanager.deleteSSOSessionID(req, resp);
		
	} catch (Exception e) {
		Logger.warn(LogOutServlet.class.getName() + " has an LogOut Error. Redirect to Applikation " + redirectUrl, e);
	}
		
	//Redirect to Application
    resp.setStatus(301);
    resp.addHeader("Location", redirectUrl);
  }


  protected void doPost(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
    
    doGet(req, resp);
  }
  

  /**
   * Calls the web application initializer.
   * 
   * @see javax.servlet.Servlet#init(ServletConfig)
   */
  public void init(ServletConfig servletConfig) throws ServletException {
  	try {
      super.init(servletConfig);
      MOAIDAuthInitializer.initialize();
  		Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null));
  	}
  	catch (Exception ex) {
  		Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex);
  		throw new ServletException(ex);
  	}
  }  

}