package at.gv.egovernment.moa.id.protocols.stork2;

import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IModulInfo;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.logging.Logger;
import eu.stork.peps.auth.commons.*;
import eu.stork.peps.auth.engine.STORKSAMLEngine;
import eu.stork.peps.exceptions.STORKSAMLEngineException;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.ws.transport.http.HTTPInTransport;
import org.opensaml.ws.transport.http.HTTPOutTransport;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
import org.opensaml.ws.transport.http.HttpServletResponseAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;

/**
 * Stork 2 Protocol Support
 *
 * @author bsuzic
 */
public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {

    public static final String NAME = STORKProtocol.class.getName();
    public static final String PATH = "id_stork2";

    public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
    public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector";

    private static HashMap<String, IAction> actions = new HashMap<String, IAction>();

    static {

        actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
        actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector());

        instance = new STORKProtocol();
    }

    private static STORKProtocol instance = null;


    public String getName() {
        return NAME;
    }

    public String getPath() {
        return PATH;
    }

    public IAction getAction(String action) {
        return actions.get(action);
    }

    public STORKProtocol() {
        super();
    }

    /*
        First request step - send it to BKU selection for user authentication. After the user credentials
        and other info are obtained, in the second step the request will be processed and the user redirected
         */
    public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
        Logger.debug("Starting preprocessing");
        Logger.debug("Request method: " + request.getMethod());
        Logger.debug("Request content length: " + request.getContentLength());
        Logger.debug("Initiating action: " + action);

        HTTPInTransport profileReq = new HttpServletRequestAdapter(request);
        HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure());


        BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
        samlMessageContext.setInboundMessageTransport(profileReq);

        MOASTORKRequest STORK2Request = new MOASTORKRequest();


        //extract STORK Response from HTTP Request
        byte[] decSamlToken;
        try {
            decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest"));
        } catch (NullPointerException e) {
            Logger.error("Unable to retrieve STORK Request", e);
            throw new MOAIDException("stork.04", null);
        }

        //Get SAMLEngine instance
        STORKSAMLEngine authnEngine = STORKSAMLEngine.getInstance("incoming");
        STORKSAMLEngine attrEngine = STORKSAMLEngine.getInstance("incoming_attr");

        STORKAuthnRequest authnRequest = null;
        STORKAttrQueryRequest attrRequest = null;

        // check if valid authn request is contained
        try {
            authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken);
        } catch (STORKSAMLEngineException ex) {
            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
        } catch(ClassCastException e) {
        	// we do not have a authnRequest
        	// check if a valid attr request is container
        	try {
        		attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
        	} catch (STORKSAMLEngineException ex) {
        		Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
        	}
        }

        // if there is no authn or attr request, raise error
        if ((authnRequest == null) && (attrRequest == null)) {
            Logger.error("There is no authentication or attribute request contained.");
            throw new MOAIDException("stork.14", null);
        }

        STORK2Request.setSTORKAuthnRequest(authnRequest);
        STORK2Request.setSTORKAttrRequest(attrRequest);

        return STORK2Request;
    }

    public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) {
        return null;
    }

    public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable {
        return false;
    }

    public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
        return false;
    }

    public void checkPersonalAttributes() {


    }
}