/*
 * Copyright 2003 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */


package at.gv.egovernment.moa.id.config;

import java.math.BigInteger;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Map;

import at.gv.egovernment.moa.id.data.IssuerAndSerial;

/**
 * Base class for <code>AuthConfigurationProvider</code> and <code>ProxyConfigurationProvider</code>,
 * providing functions common to both of them.
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
public class ConfigurationProvider {

  /**
   * Constructor
   */
  public ConfigurationProvider() {
    super();
  }

  /** 
   * The name of the system property which contains the file name of the 
   * configuration file.
   */
  public static final String CONFIG_PROPERTY_NAME =
    "moa.id.configuration";

  /**
   * The name of the generic configuration property giving the certstore directory path.
   */
  public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY =
    "DirectoryCertStoreParameters.RootDir";    

	/**
	 * The name of the generic configuration property switching the ssl revocation checking on/off
	 */
	public static final String TRUST_MANAGER_REVOCATION_CHECKING =
		"TrustManager.RevocationChecking";    


  /**
     * A <code>Map</code> which contains generic configuration information. Maps a
     * configuration name (a <code>String</code>) to a configuration value (also a
     * <code>String</code>).
     */
  protected Map genericConfiguration;

  /** The default chaining mode. */
  protected String defaultChainingMode;

  /** 
     * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to
     * chaining mode (a <code>String</code>) mapping.
     */
  protected Map chainingModes;

  /**
     * the URL for the trusted CA Certificates
     */
  protected String trustedCACertificates;

	/**
	 * main configuration file directory name used to configure MOA-ID 
	 */
	protected String rootConfigFileDir;

	/**
		 * Returns the main configuration file directory used to configure MOA-ID
		 * 
		 * @return the directory
		 */
	public String getRootConfigFileDir() {
		return rootConfigFileDir;
	}

  /**
     * Returns the mapping of generic configuration properties.
     * 
     * @return The mapping of generic configuration properties (a name to value
     * mapping) from the configuration.
     */
  public Map getGenericConfiguration() {
    return genericConfiguration;
  }

  /**
     * Returns the value of a parameter from the generic configuration section.
     * 
     * @return the parameter value; <code>null</code> if no such parameter
     */
  public String getGenericConfigurationParameter(String parameter) {
  	if (! genericConfiguration.containsKey(parameter))
  		return null;
    return (String)genericConfiguration.get(parameter);
  }

  /**
     * Return the chaining mode for a given trust anchor.
     * 
     * @param trustAnchor The trust anchor for which the chaining mode should be
     * returned.
     * @return The chaining mode for the given trust anchor. If the trust anchor
     * has not been configured separately, the system default will be returned.
     */
  public String getChainingMode(X509Certificate trustAnchor) {
    Principal issuer = trustAnchor.getIssuerDN();
    BigInteger serial = trustAnchor.getSerialNumber();
    IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial);
  
    String mode = (String) chainingModes.get(issuerAndSerial);
    return mode != null ? mode : defaultChainingMode;
  }

  /**
   * Returns the trustedCACertificates.
   * @return String
   */
  public String getTrustedCACertificates() {
    
    return trustedCACertificates;
  }
  
}