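package at.gv.egovernment.moa.id.protocols.saml1;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.URLEncoder;

/**
 * SAML1 "GetArtifact" action: builds the SAML artifact for an already
 * authenticated session and redirects the browser back to the online
 * application (OA) with that artifact attached as a URL parameter.
 */
public class GetArtifactAction implements IAction {

    /**
     * Builds the SAML artifact for {@code session} and answers with a 302
     * redirect carrying it to the requested OA (via {@code RedirectServlet}
     * for SSO sessions, directly otherwise).
     *
     * @param req      protocol request; supplies the OA URL and the target
     * @param httpReq  servlet request (not read by this action)
     * @param httpResp servlet response the redirect is written to
     * @param session  the authenticated MOA-ID session
     * @return the assertion ID of the authentication data that was built
     * @throws AuthenticationException if the OA parameter is missing, malformed
     *         or not configured, or if building the authentication data or the
     *         artifact fails (the original cause is preserved as the wrapped
     *         exception)
     */
    public String processRequest(IRequest req, HttpServletRequest httpReq,
            HttpServletResponse httpResp, AuthenticationSession session)
            throws AuthenticationException {
        String oaURL = (String) req.getOAURL();
        String target = (String) req.getTarget();

        try {
            validateOAURL(oaURL);

            // TODO: Support Mandate MODE!
            OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
                    .getOnlineApplicationParameter(oaURL);
            if (oaParam == null) {
                // Unknown OA: fail explicitly instead of dereferencing null below.
                // Reported with the same error as a malformed OA so the response
                // does not reveal which OA URLs are configured.
                throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12");
            }

            SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace();
            AuthenticationData authData =
                    SAML1AuthenticationServer.buildAuthenticationData(session, oaParam, target);
            String samlArtifactBase64 = saml1server.BuildSAMLArtifact(session, oaParam, authData);

            boolean ssoSession = AuthenticationSessionStoreage.isSSOSession(session.getSessionID());
            String redirectURL;
            if (ssoSession) {
                // SSO: hop through RedirectServlet, which receives the OA URL as a parameter.
                redirectURL = addURLParameter("RedirectServlet", RedirectServlet.REDIRCT_PARAM_URL,
                        URLEncoder.encode(oaURL, "UTF-8"));
            } else {
                // Non-SSO: redirect straight to the OA URL that passed validation above.
                redirectURL = oaURL;
            }
            if (!oaParam.getBusinessService()) {
                redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
                        URLEncoder.encode(oaParam.getTarget(), "UTF-8"));
            }
            redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT,
                    URLEncoder.encode(samlArtifactBase64, "UTF-8"));

            sendRedirect(httpResp, redirectURL);

            if (!ssoSession) {
                // The logged URL contains the artifact the OA will present to obtain
                // the assertion; treat this line as sensitive and keep it at debug level.
                Logger.debug("REDIRECT TO: " + redirectURL);
            }

            return authData.getAssertionID();

        } catch (Exception ex) {
            // Everything above (including checked encoding/config failures) is
            // surfaced to the caller as an AuthenticationException, cause attached.
            Logger.error("SAML1 Assertion build error", ex);
            throw new AuthenticationException("SAML1 Assertion build error.", new Object[]{}, ex);
        }
    }

    /**
     * Rejects a missing or malformed OA URL with the protocol's standard error.
     *
     * @param oaURL the OA URL taken from the request; may be {@code null}
     * @throws WrongParametersException if {@code oaURL} is {@code null} or does
     *         not pass {@link ParamValidatorUtils#isValidOA}
     */
    private static void validateOAURL(String oaURL) throws WrongParametersException {
        if (oaURL == null || !ParamValidatorUtils.isValidOA(oaURL)) {
            throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12");
        }
    }

    /**
     * Writes a 302 redirect to {@code url} on {@code httpResp}.
     * <p>
     * {@code url} must already be safe for the Location header: the OA URL has
     * passed {@code isValidOA} and every appended parameter value is URL-encoded
     * by the caller, which is what keeps raw request input out of the header.
     *
     * @param httpResp response to write to
     * @param url      fully built redirect target
     */
    private static void sendRedirect(HttpServletResponse httpResp, String url) {
        String encoded = httpResp.encodeRedirectURL(url);
        httpResp.setContentType("text/html");
        httpResp.setStatus(302);
        httpResp.addHeader("Location", encoded);
    }

    /**
     * Appends {@code paramname=paramvalue} to {@code url}, using {@code ?} if the
     * URL has no query string yet and {@code &} otherwise.
     * <p>
     * {@code paramvalue} is inserted verbatim; callers are responsible for
     * URL-encoding it.
     *
     * @param url        base URL, with or without an existing query string
     * @param paramname  parameter name
     * @param paramvalue already-encoded parameter value
     * @return the URL with the parameter appended
     */
    protected static String addURLParameter(String url, String paramname, String paramvalue) {
        String separator = url.contains("?") ? "&" : "?";
        return url + separator + paramname + "=" + paramvalue;
    }

    /**
     * This action always requires an authenticated session.
     *
     * @return {@code true}
     */
    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq,
            HttpServletResponse httpResp) {
        return true;
    }

    /**
     * @return the action name under which this action is registered,
     *         {@link SAML1Protocol#GETARTIFACT}
     */
    public String getDefaultActionName() {
        return SAML1Protocol.GETARTIFACT;
    }
}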