/******************************************************************************* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. 
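 *******************************************************************************/
package at.gv.egovernment.moa.id.moduls;

import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.SendAssertionFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;

/**
 * Entry point of the MOA-ID authentication flow for the protocol modules.
 *
 * <p>It creates MOA sessions in {@link AuthenticationSessionStoreage}, renders
 * the HTML forms that drive the browser through the flow, consumes a completed
 * session exactly once ({@link #tryPerformAuthentication}) and destroys it on
 * logout. All persistent state lives in the session store; this class keeps
 * none of its own, so the singleton is safe to share between requests.
 */
public class AuthenticationManager extends AuthServlet {

    private static final long serialVersionUID = 1L;

    /** HTTP session attribute under which the MOA session ID is kept (set by the login-form branch only). */
    public static final String MOA_SESSION = "MoaAuthenticationSession";

    /** Not read in this class; retained because other code may reference it. */
    public static final String MOA_AUTHENTICATED = "MoaAuthenticated";

    /** Content type of every HTML form written by this class. */
    private static final String HTML_CONTENT_TYPE = "text/html;charset=UTF-8";

    /** Charset used to encode the response body; must agree with {@link #HTML_CONTENT_TYPE}. */
    private static final String HTML_CHARSET = "UTF-8";

    private static AuthenticationManager instance = null;

    /**
     * Returns the shared manager, creating it on first use.
     *
     * <p>Synchronized so that concurrent first callers in the servlet container
     * cannot each construct their own instance.
     *
     * @return the singleton instance, never {@code null}
     */
    public static synchronized AuthenticationManager getInstance() {
        if (instance == null) {
            instance = new AuthenticationManager();
        }
        return instance;
    }

    /**
     * Checks whether this request carries a MOA session that has completed
     * authentication and has not been consumed yet, and consumes it.
     *
     * <p>The session ID is taken from the request parameter
     * {@code PARAM_SESSIONID}. A session is accepted at most once: the
     * "authenticated used" flag is set and stored before {@code true} is
     * returned, so a repeated request with the same ID is rejected. Any
     * store failure is logged and treated as "not authenticated".
     *
     * @param request  current request; only the session-ID parameter is read
     * @param response unused, kept for the caller interface
     * @return {@code true} if the session was authenticated and has now been
     *         marked as used, {@code false} in every other case
     */
    public boolean tryPerformAuthentication(HttpServletRequest request, HttpServletResponse response) {
        String sessionID = request.getParameter(PARAM_SESSIONID);
        if (sessionID == null) {
            return false;
        }
        // NOTE(review): the session ID is a bearer value; it ends up in the info log here and below.
        Logger.info("got MOASession: " + sessionID);
        try {
            AuthenticationSession authSession = AuthenticationSessionStoreage.getSession(sessionID);
            if (authSession == null) {
                return false;
            }
            Logger.info("MOASession found! A: " + authSession.isAuthenticated()
                    + ", AU " + authSession.isAuthenticatedUsed());
            if (!authSession.isAuthenticated() || authSession.isAuthenticatedUsed()) {
                return false;
            }
            // Mark the session as consumed before reporting success so the ID cannot be reused.
            // Check-then-store is not atomic here; whether two concurrent requests with the same ID
            // can both pass depends on the store's locking — confirm against AuthenticationSessionStoreage.
            authSession.setAuthenticatedUsed(true);
            AuthenticationSessionStoreage.storeSession(authSession);
            return true;
        } catch (MOADatabaseException e) {
            // fail closed: an unreadable or unwritable session is never treated as authenticated
            Logger.error("MOASession " + sessionID + " could not be loaded or stored: " + e.getMessage());
            return false;
        } catch (BuildException e) {
            Logger.error("MOASession " + sessionID + " could not be loaded or stored: " + e.getMessage());
            return false;
        }
    }

    /**
     * Destroys the MOA session identified by {@code moaSessionID}, or by the
     * request parameter {@code PARAM_SESSIONID} when the argument is
     * {@code null}. Missing sessions and store errors are logged, not thrown.
     *
     * <p>NOTE(review): the HTTP session attribute {@link #MOA_SESSION} written in
     * {@link #doAuthentication} is not cleared here — confirm that callers
     * invalidate the HTTP session themselves.
     *
     * @param request      current request, used only when {@code moaSessionID} is {@code null}
     * @param response     unused, kept for the caller interface
     * @param moaSessionID ID of the MOA session to destroy, may be {@code null}
     */
    public void logout(HttpServletRequest request, HttpServletResponse response, String moaSessionID) {
        Logger.info("Logout");
        String sessionID = moaSessionID != null ? moaSessionID : request.getParameter(PARAM_SESSIONID);
        if (sessionID == null) {
            Logger.info("NO MOA Session to logout");
            return;
        }
        try {
            AuthenticationSession authSession = AuthenticationSessionStoreage.getSession(sessionID);
            if (authSession == null) {
                Logger.info("NO MOA Authentication data for ID " + sessionID);
                return;
            }
            // The flag is cleared on the in-memory object only; the row is removed right after.
            authSession.setAuthenticated(false);
            AuthenticationSessionStoreage.destroySession(sessionID);
        } catch (MOADatabaseException e) {
            // covers both the lookup and the destroy call; the session may still exist in the store
            Logger.error("Logout of MOASession " + sessionID + " failed: " + e.getMessage());
        }
    }

    /**
     * Starts a new authentication for {@code target}: creates a fresh MOA
     * session and either begins the legacy flow directly (when the module
     * allows legacy parameters and all of them are present) or renders the
     * login form for the online application.
     *
     * <p>The OA URL is not validated here beyond the configuration lookup in
     * the login-form branch; the legacy branch relies on
     * {@link StartAuthentificationParameterParser} for that.
     *
     * @param request  current request
     * @param response response the HTML form is written to
     * @param target   protocol request describing module, action and OA URL
     * @throws ServletException propagated from the legacy parameter parser
     * @throws IOException      if the response cannot be written
     * @throws MOAIDException   {@code init.04} when the session store fails,
     *                          {@code auth.00} when the OA is not configured
     */
    public void doAuthentication(HttpServletRequest request, HttpServletResponse response, IRequest target)
            throws ServletException, IOException, MOAIDException {
        Logger.info("Starting authentication ...");
        setNoCachingHeadersInHttpRespone(request, response);

        // legacy mode is opt-in per protocol module and additionally needs the full parameter set
        List<?> legacyAllowedProtocols = AuthConfigurationProvider.getInstance().getLegacyAllowedProtocols();
        boolean legacyAllowed = legacyAllowedProtocols.contains(target.requestedModule());
        boolean legacyParamsAvailable = ParamValidatorUtils.areAllLegacyParametersAvailable(request);

        AuthenticationSession moasession;
        try {
            moasession = AuthenticationSessionStoreage.createSession();
        } catch (MOADatabaseException e) {
            Logger.error("Database Error! MOASession can not be created!");
            throw new MOAIDException("init.04", new Object[] {});
        }

        if (legacyAllowed && legacyParamsAvailable) {
            startLegacyAuthentication(request, response, target, moasession);
        } else {
            showLoginForm(request, response, target, moasession);
        }
    }

    /**
     * Legacy branch: copies the request parameters into the session, builds the
     * identity-link form, persists the session and writes the form if non-empty.
     */
    private void startLegacyAuthentication(HttpServletRequest request, HttpServletResponse response,
            IRequest target, AuthenticationSession moasession)
            throws ServletException, IOException, MOAIDException {
        StartAuthentificationParameterParser.parse(request, response, moasession, target);
        Logger.info("Start Authentication Module: " + moasession.getModul()
                + " Action: " + moasession.getAction());

        StartAuthenticationBuilder startauth = StartAuthenticationBuilder.getInstance();
        String getIdentityLinkForm = startauth.build(moasession, request, response);

        // store after the builder ran, so whatever it changed on the session is persisted
        persistSession(moasession, target);

        if (!StringUtils.isEmpty(getIdentityLinkForm)) {
            writeHtml(response, getIdentityLinkForm);
            Logger.debug("Finished GET StartAuthentication");
        }
    }

    /**
     * Login-form branch: rejects unknown online applications, records the OA,
     * action and module in the session, persists it, links it to the HTTP
     * session and writes the login form.
     */
    private void showLoginForm(HttpServletRequest request, HttpServletResponse response,
            IRequest target, AuthenticationSession moasession)
            throws ServletException, IOException, MOAIDException {
        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
                .getOnlineApplicationParameter(target.getOAURL());
        if (oaParam == null) {
            // unknown OA: nothing has been stored yet, so the fresh session is simply abandoned
            throw new AuthenticationException("auth.00", new Object[] { target.getOAURL() });
        }
        moasession.setOAURLRequested(target.getOAURL());
        moasession.setAction(target.requestedAction());
        moasession.setModul(target.requestedModule());

        String publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
        // request-derived values go into the HTML here; assumes LoginFormBuilder escapes them — confirm
        String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(),
                target.requestedAction(), oaParam, publicURLPrefix, moasession.getSessionID());

        persistSession(moasession, target);

        // only this branch binds the MOA session to the HTTP session
        request.getSession().setAttribute(MOA_SESSION, moasession.getSessionID());
        writeHtml(response, loginForm);
    }

    /**
     * Renders the "transmit assertion?" question form for {@code target} and
     * writes it to the response.
     *
     * @param request  current request; supplies the context path for the form
     * @param response response the form is written to
     * @param target   protocol request (module, action, request ID)
     * @param oaParam  configuration of the online application the assertion is for
     * @throws ServletException declared for interface compatibility
     * @throws IOException      if the response cannot be written
     * @throws MOAIDException   declared for interface compatibility
     */
    public void sendTransmitAssertionQuestion(HttpServletRequest request, HttpServletResponse response,
            IRequest target, OAAuthParameter oaParam) throws ServletException, IOException, MOAIDException {
        String form = SendAssertionFormBuilder.buildForm(target.requestedModule(), target.requestedAction(),
                target.getRequestID(), oaParam, request.getContextPath());
        writeHtml(response, form);
    }

    /**
     * Stores {@code moasession} under the target's request ID, mapping a store
     * failure to {@code init.04} as every caller in this class does.
     */
    private static void persistSession(AuthenticationSession moasession, IRequest target) throws MOAIDException {
        try {
            AuthenticationSessionStoreage.storeSession(moasession, target.getRequestID());
        } catch (MOADatabaseException e) {
            Logger.error("Database Error! MOASession is not stored!");
            throw new MOAIDException("init.04", new Object[] { moasession.getSessionID() });
        }
    }

    /**
     * Writes {@code html} as the complete UTF-8 HTML response body.
     *
     * <p>The writer is built on an explicit UTF-8 {@link OutputStreamWriter}:
     * {@code new PrintWriter(OutputStream)} would encode with the platform
     * default charset, which need not match the declared content type.
     */
    private static void writeHtml(HttpServletResponse response, String html) throws IOException {
        response.setContentType(HTML_CONTENT_TYPE);
        PrintWriter out = new PrintWriter(new OutputStreamWriter(response.getOutputStream(), HTML_CHARSET));
        out.print(html);
        out.flush();
    }
}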