/* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. 
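 */
package at.gv.egovernment.moa.id.protocols;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.data.ExceptionContainer;
import at.gv.egovernment.moa.logging.Logger;

/**
 * Final step of an authentication run.
 *
 * <p>The user agent arrives here (GET {@code /finalizeAuthProtocol}) once a pending
 * request is either authenticated, aborted by the user, or has failed with an exception
 * that an earlier step parked in {@code transactionStorage}. Two query parameters drive
 * the dispatch, both client-supplied: {@code PARAM_TARGET_PENDINGREQUESTID} selects the
 * pending request in {@code requestStorage}, {@code ERROR_CODE_PARAM} (when present)
 * selects a stored {@link ExceptionContainer}.
 *
 * <p>Security notes grounded in this file:
 * <ul>
 *   <li>Both identifiers act as bearer capabilities for this endpoint — nothing here binds
 *       them to a cookie or session; entropy and expiry are the stores' responsibility
 *       (not visible here).</li>
 *   <li>The stored exception is one-shot: it is removed on the first successful fetch.</li>
 *   <li>{@code StringEscapeUtils.escapeHtml} is applied to the identifiers at input time,
 *       i.e. before they are used as lookup keys; see the NOTE(review) in
 *       {@link #finalizeAuthProtocol}.</li>
 * </ul>
 *
 * @author tlenz
 */
@Controller
public class ProtocolFinalizationController extends AbstractAuthProtocolModulController {

    /**
     * Dispatches the final step of the protocol flow.
     *
     * <p>Two paths: if {@code ERROR_CODE_PARAM} is present, the stored exception is fetched,
     * consumed and answered (protocol-specific if a pending request is known, otherwise via
     * {@code handleErrorNoRedirect}). Otherwise the pending request is finalized: an
     * authentication-aborted error for {@code isAbortedByUser()}, a success response when
     * both the MOA session and the pending request report authenticated, and an
     * {@code auth.20} error for every other state. On all paths except the early return in
     * the error branch the pending request is dropped from {@code requestStorage} and
     * {@code TRANSACTION_DESTROYED} is logged.
     *
     * @param req  incoming request; only the two query parameters named above are read here
     * @param resp response the protocol-specific or generic error/success is written to
     * @throws MOAIDException declared for the helper calls (not visible here)
     * @throws IOException    declared for the helper calls (not visible here)
     */
    @RequestMapping(value = "/finalizeAuthProtocol", method = {RequestMethod.GET})
    public void finalizeAuthProtocol(HttpServletRequest req, HttpServletResponse resp)
            throws MOAIDException, IOException {

        // Both identifiers come straight from the query string. escapeHtml() runs before they
        // are used as lookup keys, so a value containing '&', '<', '>' or '"' can no longer
        // match its stored entry; the escaping also does not strip CR/LF for the log line
        // further down.
        // NOTE(review): output encoding applied at the input layer is the wrong control; an
        // allow-list check on the identifier alphabet (as produced by requestStorage /
        // transactionStorage, not visible here) would be the robust replacement — confirm the
        // alphabet before changing this.
        String pendingRequestID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_TARGET_PENDINGREQUESTID));
        IRequest pendingReq = null;
        if (pendingRequestID != null) {
            // escapeHtml() always yields a String, so the former 'instanceof String' guard
            // on an Object-typed local was dead code and has been dropped.
            pendingReq = requestStorage.getPendingRequest(pendingRequestID);
        }

        String errorid = StringEscapeUtils.escapeHtml(req.getParameter(ERROR_CODE_PARAM));
        if (errorid != null) {
            // --- Error path: an earlier step stored the exception and redirected here ---
            try {
                ExceptionContainer container = transactionStorage.get(errorid, ExceptionContainer.class);
                if (container != null) {
                    // One-shot: drop the container on first successful fetch so the same
                    // errorid cannot be replayed to re-emit the error.
                    transactionStorage.remove(errorid);
                    Throwable throwable = container.getExceptionThrown();

                    if (pendingReq != null) {
                        // Nothing here ties errorid to pendingReq; whether the container is
                        // scoped to this transaction is decided by transactionStorage (not visible).
                        buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq);
                        removeUserSession(pendingReq, req, resp);
                        // NOTE(review): this return skips the removePendingRequest() /
                        // TRANSACTION_DESTROYED block at the end of the method, unlike the
                        // catch branch of the finalize path below. Unless
                        // buildProtocolSpecificErrorResponse() or removeUserSession() already
                        // drop the pending request, it stays in requestStorage until that
                        // store's own expiry — confirm before relying on either behaviour.
                        return;
                    } else {
                        // No pending request to answer through: generic error page.
                        handleErrorNoRedirect(throwable, req, resp, true);
                    }
                } else {
                    // Unknown or already-consumed errorid.
                    handleErrorNoRedirect(new MOAIDException("auth.26", null), req, resp, false);
                }
            } catch (Throwable e) {
                // Broad catch kept as-is: this is the last boundary before the response is written.
                Logger.error(e);
                handleErrorNoRedirect(e, req, resp, false);
            }
        } else {
            // --- Finalize path ---
            if (pendingReq == null) {
                // pendingRequestID is client-supplied (HTML-escaped, CR/LF not removed).
                Logger.error("No PendingRequest with ID " + pendingRequestID + " found.!");
                handleErrorNoRedirect(new MOAIDException("auth.28", new Object[]{pendingRequestID}), req, resp, false);
                return;
            }

            try {
                Logger.debug("Finalize PendingRequest with ID " + pendingRequestID);
                IAuthenticationSession pendingMoaSession = pendingReq.getMOASession();

                if (pendingReq.isAbortedByUser()) {
                    // Tell the Service Provider the user cancelled.
                    buildProtocolSpecificErrorResponse(
                            new AuthenticationException("auth.21", new Object[] {}), req, resp, pendingReq);
                    // An authenticated SSO session survives one aborted Service-Provider
                    // request; every other combination tears the user session down.
                    if (!(pendingMoaSession.isAuthenticated() && pendingReq.needSingleSignOnFunctionality())) {
                        removeUserSession(pendingReq, req, resp);
                    }
                } else if (pendingMoaSession.isAuthenticated() && pendingReq.isAuthenticated()) {
                    // Both flags are required; either one alone does not finalize.
                    finalizeAuthenticationProcess(req, resp, pendingReq, pendingMoaSession);
                } else {
                    // Neither aborted nor fully authenticated: refuse to finalize.
                    Logger.error("MOASession oder Pending-Request are not authenticated --> Abort authentication process!");
                    handleErrorNoRedirect(new MOAIDException("auth.20", null), req, resp, true);
                }
            } catch (Exception e) {
                Logger.error("Finalize authentication protocol FAILED.", e);
                buildProtocolSpecificErrorResponse(e, req, resp, pendingReq);
                removeUserSession(pendingReq, req, resp);
            }
        }

        // Reached on every path except the early return in the error branch (the other early
        // return has pendingReq == null, so this block would be a no-op there anyway).
        if (pendingReq != null) {
            requestStorage.removePendingRequest(pendingReq.getRequestID());
            revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED,
                    pendingReq.getUniqueTransactionIdentifier());
        }
    }

    /**
     * Unimplemented stub: always returns {@code null}. This controller is mapped directly via
     * {@link RequestMapping}; what the base class does with a {@code null} name is not visible here.
     */
    @Override
    public String getName() {
        return null;
    }

    /**
     * Unimplemented stub: always returns {@code null}. See {@link #getName()}.
     */
    @Override
    public String getPath() {
        return null;
    }

    /**
     * Unimplemented stub: always returns {@code false}, i.e. no error message is generated here.
     *
     * @param e               the error to render (ignored)
     * @param request         current request (ignored)
     * @param response        current response (ignored)
     * @param protocolRequest pending request (ignored)
     * @return {@code false}
     */
    @Override
    public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response,
            IRequest protocolRequest) throws Throwable {
        return false;
    }

    /**
     * Unimplemented stub: always returns {@code false}.
     * NOTE(review): if the base class consults {@code validate()} before dispatching to this
     * controller, a constant {@code false} decides that outcome — the base class is not visible here.
     *
     * @param request  current request (ignored)
     * @param response current response (ignored)
     * @param pending  pending request (ignored)
     * @return {@code false}
     */
    @Override
    public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
        return false;
    }
}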