/*******************************************************************************
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 *******************************************************************************/
package at.gv.egovernment.moa.id.config.legacy;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.URI;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;

import org.w3c.dom.Element;

import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;

import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;

public class BuildFromLegacyConfig {

	private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID";

	private static final String SEARCHBKUTEMPLATE_LOCAL = "https://127.0.0.1:3496/";
	private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at";
	private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request";
	
	public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException {
	    InputStream stream = null;
	    Element configElem;
	    ConfigurationBuilder builder;
	    
	    Logger.info("Load Legacy-Configuration from file=" + fileName);
	    
	    try {
	    	// load the main config file
			stream = new BufferedInputStream(new FileInputStream(fileName));
			configElem = DOMUtils.parseXmlValidating(stream);
			      
	    } catch (Throwable t) {
	    	throw new ConfigurationException("config.03", null, t);
		}
		   
		finally {
			try {
				if (stream != null) {
					stream.close();
			    }
			} catch (IOException e) {
			
			}
		}
	    
	    try {
	    	String oldbkuonline = "";
	    	String oldbkulocal = "";
	    	String oldbkuhandy = "";
	    		    	
	        // build the internal datastructures
	    	builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
	    	
	    	
	    	MOAIDConfiguration moaIDConfig = new MOAIDConfiguration();
	    	
	    	AuthComponentGeneral generalAuth = new AuthComponentGeneral();
	    	moaIDConfig.setAuthComponentGeneral(generalAuth);
	    	
	    	
	    	//not supported by MOA-ID 2.0
	    	//ConnectionParameter bKUConnectionParameter = builder.buildAuthBKUConnectionParameter();
	    	//bKUSelectable = (bKUConnectionParameter!=null);	    	
	    	//bKUSelectionType = builder.buildAuthBKUSelectionType();
	    	
	    	
	    	//Load generic Config
	    	Map<String, String> genericConfiguration = builder.buildGenericConfiguration();
	    	GeneralConfiguration authGeneral = new GeneralConfiguration();
	    		    	
	    	if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))
	    		authGeneral.setTrustManagerRevocationChecking(
	    				Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING)));
	    	else
	    		authGeneral.setTrustManagerRevocationChecking(true);
	    	
	    	if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY))
	    		authGeneral.setCertStoreDirectory(
	    				(String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY));
	    		
	    	
	    	//Load Assertion and Session timeouts
	    	TimeOuts timeOuts = new TimeOuts();
	    	if (genericConfiguration.containsKey(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY))
	    		timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY))));
	    	else
	    		timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min
	    	
	    	if (genericConfiguration.containsKey(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY))
	    		timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY))));
	    	else
	    		timeOuts.setAssertion(BigInteger.valueOf(30*60));  //default 30min
	    	
	    	timeOuts.setMOASessionUpdated(BigInteger.valueOf(15*60)); //default 15min
	    	authGeneral.setTimeOuts(timeOuts);    	
	    	generalAuth.setGeneralConfiguration(authGeneral);
	    	
	    	Protocols auth_protocols = new Protocols();
	    	generalAuth.setProtocols(auth_protocols);
	    	
	    	LegacyAllowed prot_legacy = new LegacyAllowed();
	    	auth_protocols.setLegacyAllowed(prot_legacy);
	    	final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
	    	prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED);
	    	
	    	//set SAML1 config
	    	SAML1 saml1 = new SAML1();
	    	saml1.setIsActive(true);
	    	if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID))
	    		saml1.setSourceID((String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID));
	    	auth_protocols.setSAML1(saml1);
	    	
	    	//set OAuth config
	    	OAuth oauth = new OAuth();
	    	oauth.setIsActive(true);
	    	auth_protocols.setOAuth(oauth);
	    	
	    	//set PVP2.1 config
	    	PVP2 prot_pvp2 = new PVP2();
	    	auth_protocols.setPVP2(prot_pvp2);
	    	prot_pvp2.setPublicURLPrefix("https://....");
	    	prot_pvp2.setIssuerName("MOA-ID 2.x IDP");
	    	
	    	Organization pvp2_org = new Organization();
	    	prot_pvp2.setOrganization(pvp2_org);
	    	pvp2_org.setDisplayName("OrganisationDisplayName");
	    	pvp2_org.setName("OrganisatioName");
	    	pvp2_org.setURL("http://testorganisation.at");
	    	
	    	List<Contact> pvp2_contacts = new ArrayList<Contact>();
	    	prot_pvp2.setContact(pvp2_contacts);	    	
	    	
	    	Contact pvp2_contact = new Contact();
	    	pvp2_contact.setCompany("OrganisationDisplayName");
	    	pvp2_contact.setGivenName("Max");
	    	
	    	
	    	List<String> mails = new ArrayList<String>();
	    	pvp2_contact.setMail(mails);
	    	mails.add("max@muster.mann");

	    	List<String> phones = new ArrayList<String>();
	    	pvp2_contact.setPhone(phones);
	    	phones.add("01 5555 5555");
	    	
	    	pvp2_contact.setSurName("Mustermann");
	    	pvp2_contact.setType("technical");
	    	pvp2_contacts.add(pvp2_contact);
	    	
	    	//SSO
	    	SSO auth_sso = new SSO();
	    	generalAuth.setSSO(auth_sso);
	    	auth_sso.setTarget("");
	    	auth_sso.setFriendlyName("");

	    	
	    	//set SecurityLayer Transformations
	    	String[] transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH);
	    	String[] transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames);
	    	
	    	List<TransformsInfoType> auth_transformInfos = new ArrayList<TransformsInfoType>();
	    	if (transformsInfos != null && transformsInfos.length > 0) {
	    		for (int i=0; i<transformsInfos.length; i++) {

	    			TransformsInfoType transforminfotype = new TransformsInfoType();
	    		
	    			if (transformsInfoFileNames[i] != null && 
	    					transformsInfos[i] != null) {	    			
	    				String fileURL = FileUtils.makeAbsoluteURL(transformsInfoFileNames[i], rootConfigFileDir);	    			    			
	    				Path fileName_ = new File(new URI(fileURL)).toPath().getFileName();
	    				transforminfotype.setFilename(fileName_.toString());
	    		
	    				transforminfotype.setTransformation(Base64Utils.encode(transformsInfos[i].getBytes("UTF-8")).getBytes("UTF-8"));
	    				auth_transformInfos.add(transforminfotype);
	    				
	    			} else
	    				Logger.warn("AuthBlock Transformation " + transformsInfoFileNames[i] 
	    						+ "not found.");
	    		}
	    		
	    	} 
	    	
	    	SecurityLayer auth_securityLayer = new SecurityLayer();
	    	auth_securityLayer.setTransformsInfo(auth_transformInfos);
	    	generalAuth.setSecurityLayer(auth_securityLayer);
	    	
	    	
	    	//set MOASP configuration
	    	MOASP auth_moaSP = new MOASP();
	    	generalAuth.setMOASP(auth_moaSP);
	    	
	    	//set MOASP connection
	    	ConnectionParameter moaSpConnectionParameter = builder.buildMoaSpConnectionParameter();
	    	if (moaSpConnectionParameter != null) {
	    		ConnectionParameterClientAuthType auth_moaSP_connection = 
	    			parseConnectionParameterClientAuth(moaSpConnectionParameter);
	    		auth_moaSP.setConnectionParameter(auth_moaSP_connection);
	    	}
	    	
	    	//set VerifyIdentityLink
	    	String moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID();
	    	VerifyIdentityLink auth_moaSP_verifyIdentityLink = new VerifyIdentityLink();
	    	auth_moaSP_verifyIdentityLink.setTrustProfileID(moaSpIdentityLinkTrustProfileID);
	    	auth_moaSP.setVerifyIdentityLink(auth_moaSP_verifyIdentityLink);
	    	
	    	//set VerifyAuthBlock
	    	String moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID();
	    	VerifyAuthBlock auth_moaSP_verifyAuthBlock = new VerifyAuthBlock();
	    	auth_moaSP_verifyAuthBlock.setTrustProfileID(moaSpAuthBlockTrustProfileID);
	    	String[] moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs();
	    	List<String> transformlist = new ArrayList<String>();
	    	Collections.addAll(transformlist, moaSpAuthBlockVerifyTransformsInfoIDs);
	    	auth_moaSP_verifyAuthBlock.setVerifyTransformsInfoProfileID(transformlist);
	    	auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock);
	    	
	    	
	    	//set IdentityLinkSigners
	    	IdentityLinkSigners auth_idsigners = new IdentityLinkSigners();
	    	generalAuth.setIdentityLinkSigners(auth_idsigners);
	    	List<String> identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
	    	auth_idsigners.setX509SubjectName(identityLinkX509SubjectNames);
	    	
	    	
	    	//not supported by MOA-ID 2.0
	    	VerifyInfoboxParameters defaultVerifyInfoboxParameters = null;
//	        Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH);
//	        if (defaultVerifyInfoboxParamtersElem != null) {
//	          defaultVerifyInfoboxParameters = 
//	            builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID);
//	        }
	        

	    	//Set ForeignIdentities
	    	ForeignIdentities auth_foreign = new ForeignIdentities();
	    	generalAuth.setForeignIdentities(auth_foreign);
	    	
	    	//set Connection parameters
	        ConnectionParameter foreignIDConnectionParameter = builder.buildForeignIDConnectionParameter();
	        ConnectionParameterClientAuthType auth_foreign_connection = 
	        		parseConnectionParameterClientAuth(foreignIDConnectionParameter);
	        auth_foreign.setConnectionParameter(auth_foreign_connection);
	        
	    	//set OnlineMandates config
	        ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter();
	        if (onlineMandatesConnectionParameter != null) {
	        	OnlineMandates auth_mandates = new OnlineMandates();
	        	generalAuth.setOnlineMandates(auth_mandates);
	        	auth_mandates.setConnectionParameter(
	        		parseConnectionParameterClientAuth(onlineMandatesConnectionParameter));
	        }
	        
	        
	        //TODO: add auth template configuration!!!
	        
	        
	    	if (oldconfig != null) {
	    		if (oldconfig.getDefaultBKUs() != null) {
	    			oldbkuhandy = oldconfig.getDefaultBKUs().getHandyBKU();
	    			oldbkulocal = oldconfig.getDefaultBKUs().getLocalBKU();
	    			oldbkuonline = oldconfig.getDefaultBKUs().getOnlineBKU();
	    		}	    		
	    	} else {
	    		List<String> trustbkus = builder.getTrustedBKUs();
	    		for (String trustbku : trustbkus) {
	    			if (MiscUtil.isEmpty(oldbkuonline) && trustbku.endsWith(SEARCHBKUTEMPLATE_ONLINE))
	    				oldbkuonline = trustbku;
	    			
	    			if (MiscUtil.isEmpty(oldbkuhandy) && trustbku.startsWith(SEARCHBKUTEMPLATE_HANDY))
	    				oldbkuhandy = trustbku;
	    			
	    			if (MiscUtil.isEmpty(oldbkulocal) && trustbku.startsWith(SEARCHBKUTEMPLATE_LOCAL))
	    				oldbkulocal = trustbku;
	    		}
	    		
	    	}
	        

	        //set OnlineApplications
	        OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID);

	        ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>();
	        moaIDConfig.setOnlineApplication(moa_oas);
	        
	        for (OAAuthParameter oa : onlineApplicationAuthParameters) {
	        	OnlineApplication moa_oa = new OnlineApplication();
	        	
	        	//set general OA configuration
	        	moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird
	        	moa_oa.setFriendlyName(oa.getFriendlyName()); 
	        	moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier()));
	        	moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix());
	        	moa_oa.setTarget(oa.getTarget());
	        	moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName());
        		moa_oa.setType(oa.getOaType());
        		moa_oa.setIsActive(true);
	        	
	        	
	        	AuthComponentOA oa_auth = new AuthComponentOA();
	        	moa_oa.setAuthComponentOA(oa_auth);
	        	
	        	//SLLayer Version / useIframe 
//	        	oa_auth.setSlVersion(oa.getSlVersion());
//	        	oa_auth.setUseIFrame(false);
//	        	oa_auth.setUseUTC(oa.getUseUTC());
	        	
	        	//BKUURLs
	        	BKUURLS bkuurls = new BKUURLS();
	        	bkuurls.setOnlineBKU(oldbkuonline);
	        	bkuurls.setHandyBKU(oldbkuhandy);
	        	bkuurls.setLocalBKU(oldbkulocal);
	        	oa_auth.setBKUURLS(bkuurls);
	        	
	        	//IdentificationNumber
	        	IdentificationNumber idnumber = new IdentificationNumber();
	        	idnumber.setValue(oa.getIdentityLinkDomainIdentifier());
	        	idnumber.setType(oa.getIdentityLinkDomainIdentifierType());
	        	oa_auth.setIdentificationNumber(idnumber);
	        	
	        	//set Templates
	        	TemplatesType templates = new TemplatesType();
	        	oa_auth.setTemplates(templates);
	        	templates.setAditionalAuthBlockText("");
	        	TemplateType template = new TemplateType();
	        	template.setURL(oa.getTemplateURL());
	        	ArrayList<TemplateType> template_list = new ArrayList<TemplateType>();
	        	template_list.add(template);
	        	templates.setTemplate(template_list);
	        	
	        	
	        	//TransformsInfo not supported by MOAID 2.0
	        	String[] transforminfos = oa.getTransformsInfos();
	        	for (String e1 : transforminfos) {	        		
	        		if (MiscUtil.isNotEmpty(e1)) {
	        			Logger.warn("OA specific transformation for OA " + oa.getPublicURLPrefix()
	        					+ " are not supported. USE AdditionalAuthBlock text!");
	        		}
	        	}
	        	
	        	//VerifyInfoBoxes not supported by MOAID 2.0
	        	
	        	//set Mandates
	        	Mandates oa_mandates = new Mandates();
	        	oa_auth.setMandates(oa_mandates);
	        	List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>();
	        	
	        	String oldProfiles = oa.getMandateProfiles();
	        	if (MiscUtil.isNotEmpty(oldProfiles)) {
		        	String[] oldprofileList = oldProfiles.split(",");
		        	for (int i=0; i<oldprofileList.length; i++) {
		        		MandatesProfileNameItem item = new MandatesProfileNameItem();
		        		item.setItem(oldprofileList[i].trim());
		        		profileList.add(item);
		        	}
					oa_mandates.setProfileNameItems(profileList );
	        	}
	        	
	        	//STORK
	        	//TODO: OA specific STORK config is deactivated in MOA 1.5.2
	        	
	        	//SSO
	        	OASSO oa_sso = new OASSO();
	        	oa_auth.setOASSO(oa_sso);
	        	oa_sso.setUseSSO(true);
	        	oa_sso.setSingleLogOutURL("");
	        	oa_sso.setAuthDataFrame(true);
	        	
	        	//OA_SAML1
	        	OASAML1 oa_saml1 = new OASAML1();
	        	oa_auth.setOASAML1(oa_saml1);
	        	oa_saml1.setConditionLength(BigInteger.valueOf(oa.getConditionLength()));
	        	oa_saml1.setProvideAUTHBlock(oa.getProvideAuthBlock());
	        	oa_saml1.setProvideCertificate(oa.getProvideCertifcate());
	        	oa_saml1.setProvideFullMandatorData(oa.getProvideFullMandatorData());
	        	oa_saml1.setProvideIdentityLink(oa.getProvideIdentityLink());
	        	oa_saml1.setProvideStammzahl(oa.getProvideStammzahl());
	        	oa_saml1.setUseCondition(oa.getUseCondition());
	        	oa_saml1.setIsActive(true);
	        	oa_saml1.setProvideAllErrors(false);
	        	
	        	//OA_PVP2
	        	OAPVP2 oa_pvp2 = new OAPVP2();
	        	oa_auth.setOAPVP2(oa_pvp2);
	        		        	
	        	moa_oas.add(moa_oa);
	        	//ConfigurationDBUtils.save(moa_oa);
	        }
	        
	        //removed from MOAID 2.0 config
	    	//identityLinkX509SubjectNames =  builder.getIdentityLink_X509SubjectNames();
	       
	        
	    	//set chaining modes
	    	ChainingModes moa_chainingModes = new ChainingModes();
	    	moaIDConfig.setChainingModes(moa_chainingModes);
	    	
	    	
	    	
	    	String defaultmode = builder.getDefaultChainingMode();
	    	ChainingModeType type;
	    	if (defaultmode.equals(iaik.pki.pathvalidation.ChainingModes.CHAIN_MODE))
	    		type = ChainingModeType.CHAINING;
	    	else
	    		type = ChainingModeType.PKIX;
	    	
	    	
	    	moa_chainingModes.setSystemDefaultMode(type);
	    	
	    	Map<IssuerAndSerial, String> chainingModes = builder.buildChainingModes();
	    	List<TrustAnchor> chaining_anchor = new ArrayList<TrustAnchor>();
	    	Set<IssuerAndSerial> chaining_anchor_map = chainingModes.keySet();
	    	for (IssuerAndSerial e1 : chaining_anchor_map) {
	    		TrustAnchor trustanchor = new TrustAnchor();
	    		
	    		ChainingModeType type1 = ChainingModeType.fromValue(chainingModes.get(e1));
	    		trustanchor.setMode(type1);
	    		
	    		trustanchor.setX509IssuerName(e1.getIssuerDN());
	    		trustanchor.setX509SerialNumber(e1.getSerial());
	    		chaining_anchor.add(trustanchor);
	    	}
	    	moa_chainingModes.setTrustAnchor(chaining_anchor);
	    	
	    	
	    	//set trustedCACertificate path
	    	moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates());
	    	
	   	    	
	    	//Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates)
	    	//trustedBKUs = builder.getTrustedBKUs();
	    	//trustedTemplateURLs = builder.getTrustedTemplateURLs();
	    	
	    	
	    	//set DefaultBKUs
	    	DefaultBKUs moa_defaultbkus = new DefaultBKUs();
	    	moaIDConfig.setDefaultBKUs(moa_defaultbkus);
	    	moa_defaultbkus.setOnlineBKU(oldbkuonline);
	    	moa_defaultbkus.setHandyBKU(oldbkuhandy);
	    	moa_defaultbkus.setLocalBKU(oldbkulocal);
	    	
	    	
	    	//set SLRequest Templates
	    	SLRequestTemplates moa_slrequesttemp = new SLRequestTemplates();
	    	moaIDConfig.setSLRequestTemplates(moa_slrequesttemp);
	    	moa_slrequesttemp.setOnlineBKU("http://localhost:8080/moa-id-auth/template_onlineBKU.html");
	    	moa_slrequesttemp.setHandyBKU("http://localhost:8080/moa-id-auth/template_handyBKU.html");
	    	moa_slrequesttemp.setLocalBKU("http://127.0.0.1:8080/moa-id-auth/template_localBKU.html");

	    	return moaIDConfig;
	    	
	    } catch (Throwable t) {
	    	throw new ConfigurationException("config.02", null, t);
	    }
	}
	
	private static ConnectionParameterClientAuthType parseConnectionParameterClientAuth(
			ConnectionParameter old) {
    	ConnectionParameterClientAuthType auth_moaSP_connection = new ConnectionParameterClientAuthType();
    	auth_moaSP_connection.setURL(old.getUrl());
    	
    	//TODO: remove from Database config!!!!!
//    	auth_moaSP_connection.setAcceptedServerCertificates(old.getAcceptedServerCertificates());
//    	ClientKeyStore auth_moaSP_connection_keyStore = new ClientKeyStore();
//    	auth_moaSP_connection_keyStore.setValue(old.getClientKeyStore());
//    	auth_moaSP_connection_keyStore.setPassword(old.getClientKeyStorePassword());
//    	auth_moaSP_connection.setClientKeyStore(auth_moaSP_connection_keyStore);
		return auth_moaSP_connection;
	}
	
	  private static Properties getGeneralPVP2ProperiesConfig(Properties props) {
	      Properties configProp = new Properties();
	      for (Object key : props.keySet()) {
	      	String propPrefix = "protocols.pvp2.";
	      	if (key.toString().startsWith(propPrefix)) {
	      		String propertyName = key.toString().substring(propPrefix.length());
	      		configProp.put(propertyName, props.get(key.toString()));
	      	}
	      }
	      return configProp;
	  }
}