/*******************************************************************************
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 * 
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 * 
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 ******************************************************************************/
package at.gv.egovernment.moa.id.auth.servlet;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder;

import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;



public class RedirectServlet extends AuthServlet{

	private static final long serialVersionUID = 1L;

	public static final String REDIRCT_PARAM_URL = "redirecturl";

	private static final String DEFAULT_REDIRECTTARGET = "_parent";
	
	
	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
			throws ServletException, IOException {
		Logger.debug("Receive " + RedirectServlet.class + " Request");
		
		String url = req.getParameter(REDIRCT_PARAM_URL);
		String target = req.getParameter(MOAIDAuthConstants.PARAM_TARGET);
		String artifact = req.getParameter(MOAIDAuthConstants.PARAM_SAMLARTIFACT);
		String interIDP = req.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP);
				
		Logger.debug("Check URL against online-applications");
		OAAuthParameter oa = null;
		String redirectTarget = DEFAULT_REDIRECTTARGET;
		try {
			oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(url);			
			if (oa == null && !url.startsWith(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix())) {		
				resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
				return;
				
			} else {				
				//Redirect is a SAML1 send Artifact redirct
				if (MiscUtil.isNotEmpty(artifact)) {
					try {
						String test = oa.getFormCustomizaten().get(FormBuildUtils.REDIRECTTARGET);
						if (MiscUtil.isNotEmpty(test))
							redirectTarget = test;
					
					} catch (Exception e) {
						Logger.debug("Use default redirectTarget.");
					}
				
					Logger.info("Redirect to " + url);
					
					if (MiscUtil.isNotEmpty(target)) {
//						redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
//								URLEncoder.encode(session.getTarget(), "UTF-8"));
						url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET,
								URLEncoder.encode(target, "UTF-8"));


					}
					url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT,
							URLEncoder.encode(artifact, "UTF-8"));
					url = resp.encodeRedirectURL(url);
					
					String redirect_form = RedirectFormBuilder.buildLoginForm(url, redirectTarget);
				
					resp.setContentType("text/html;charset=UTF-8");
					resp.setStatus(HttpServletResponse.SC_OK);
					PrintWriter out = new PrintWriter(resp.getOutputStream()); 
					out.write(redirect_form);
					out.flush();
					
				} else if (MiscUtil.isNotEmpty(interIDP)) {
					//store IDP identifier and redirect to generate AuthRequst service					
					Logger.info("Receive an interfederation redirect request for IDP " + interIDP);					
					SSOManager sso = SSOManager.getInstance();
					sso.setInterfederationIDPCookie(req, resp, interIDP);

					Logger.debug("Redirect to " + url);					
					url = resp.encodeRedirectURL(url);					
					resp.setContentType("text/html");
					resp.setStatus(HttpServletResponse.SC_FOUND);
					resp.addHeader("Location", url);
					
					
				} else {					
					Logger.debug("Redirect to " + url);					
					String redirect_form = RedirectFormBuilder.buildLoginForm(url, DEFAULT_REDIRECTTARGET);
					
					resp.setContentType("text/html;charset=UTF-8");
					resp.setStatus(HttpServletResponse.SC_OK);
					PrintWriter out = new PrintWriter(resp.getOutputStream()); 
					out.write(redirect_form);
					out.flush();
						
				}
				
			}
			
		} catch (Throwable e) {
			resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed.");
			return;
						
		} finally {
			
			
		}
	}
	

}