/*
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */
package at.gv.egovernment.moa.id.commons.api;

import java.security.PrivateKey;
import java.util.Collection;
import java.util.List;

import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egovernment.moa.id.commons.api.data.CPEPS;
import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute;
import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;

/**
 * Authentication-related configuration of a single online application (service provider),
 * layered on top of {@link ISPConfiguration}.
 *
 * <p>Several accessors below return a raw {@link List} or {@link Collection}; the element
 * types are not declared in this file, so callers have to confirm them against the
 * implementation before casting.
 *
 * <p>Interface members are implicitly {@code public}, and constants implicitly
 * {@code public static final}; the modifiers are therefore omitted.
 *
 * @author tlenz
 */
public interface IOAAuthParameters extends ISPConfiguration {

    // String identifiers declared by this interface. Presumably these are the type keys
    // accepted by getBKUURL(String) and related look-ups -- TODO confirm against callers.
    String THIRDBKU = "thirdBKU";
    String HANDYBKU = "handy";
    String LOCALBKU = "local";

    @Deprecated
    String ONLINEBKU = "online";

    String INDERFEDERATEDIDP = "interfederated";
    String EIDAS = "eIDAS";
    String AUTHTYPE_OTHERS = "others";

    /** @return the friendly name of this online application */
    String getFriendlyName();

    /** @return the public URL prefix of this online application */
    String getPublicURLPrefix();

    /**
     * Tells whether private-area restrictions forbid baseId processing for this online
     * application in general.
     *
     * <p>The result is derived from the application's area-identifier and a configured policy:
     * the key {@code configuration.restrictions.baseID.idpProcessing} holds a comma-separated
     * list of area-identifier prefixes that are allowed to receive a baseID. Unless configured
     * otherwise, only the prefix {@code urn:publicid:gv.at:cdid+} is allowed.
     *
     * @return {@code true} if the restriction applies, {@code false} otherwise
     */
    @Override
    boolean hasBaseIdInternalProcessingRestriction();

    /**
     * Tells whether private-area restrictions forbid transferring the baseId to the online
     * application.
     *
     * <p>The result is derived from the application's area-identifier and a configured policy:
     * the key {@code configuration.restrictions.baseID.spTransmission} holds a comma-separated
     * list of area-identifier prefixes that are allowed to receive a baseID. Unless configured
     * otherwise, only the prefix {@code urn:publicid:gv.at:cdid+} is allowed.
     *
     * @return {@code true} if the restriction applies, {@code false} otherwise
     */
    @Override
    boolean hasBaseIdTransferRestriction();

    /**
     * Returns a human-readable name for the area-identifier of this online application.
     *
     * @return friendly name of the area-identifier
     * @throws ConfigurationException if the online-application configuration contains both
     *         public and private identifiers
     */
    String getAreaSpecificTargetIdentifierFriendlyName() throws ConfigurationException;

    // The three flags below carry no documentation in this file; their exact semantics
    // have to be taken from the implementing class.
    boolean isInderfederationIDP();

    boolean isSTORKPVPGateway();

    boolean isRemovePBKFromAuthBlock();

    /** @return the keyBoxIdentifier */
    String getKeyBoxIdentifier();

    /** @return the SAML1 configuration parameters of this online application */
    SAML1ConfigurationParameters getSAML1Parameter();

    /**
     * Returns the trusted security-layer templates configured for this online application.
     *
     * @return list of template URLs; may be empty but is never {@code null}
     */
    List getTemplateURL();

    /**
     * Returns the additional AuthBlock text of this online application.
     *
     * @return the AuthBlock text, or {@code null} when none is configured
     */
    String getAditionalAuthBlockText();

    /**
     * Looks up the BKU URL this online application uses for one BKU type.
     *
     * @param bkutype the type of BKU to look up
     * @return the BKU URL, or {@code null} when none is configured for that type
     */
    String getBKUURL(String bkutype);

    /**
     * Returns every BKU URL configured for this online application.
     *
     * @return list of BKU URLs; empty when no BKU is configured
     */
    List getBKUURL();

    boolean useSSO();

    boolean useSSOQuestion();

    /**
     * Returns the mandate-profile types configured for this online application.
     *
     * <p>Unlike the other list accessors of this interface, the documented "nothing
     * configured" result is {@code null}, so callers must null-check.
     *
     * @return the mandate profiles, or {@code null} when no profile is defined
     */
    List getMandateProfiles();

    boolean isShowMandateCheckBox();

    boolean isOnlyMandateAllowed();

    /**
     * Tells whether the STORK login is offered in the BKU-selection frontend.
     *
     * @return {@code true} if the STORK login should be shown
     */
    boolean isShowStorkLogin();

    /**
     * Returns the minimum eIDAS level of assurance (LoA) that is required.
     *
     * @return the eIDAS LoA as URL identifier
     */
    String getQaaLevel();

    boolean isRequireConsentForStorkAttributes();

    /**
     * Returns the STORK attributes that are requested.
     *
     * @return collection of requested attributes; may be empty but is never {@code null}
     */
    Collection getRequestedSTORKAttributes();

    /** @return the BKU-selection template as raw bytes */
    byte[] getBKUSelectionTemplate();

    /** @return the send-assertion template as raw bytes */
    byte[] getSendAssertionTemplate();

    /**
     * Returns the configured STORK CPEPS entries.
     *
     * @return collection of CPEPS; may be empty but is never {@code null}
     */
    Collection getPepsList();

    String getIDPAttributQueryServiceURL();

    // The three SSO-interfederation switches below are undocumented in this file (the
    // original Javadoc had empty @return tags). Semantics: see the implementation.
    boolean isInboundSSOInterfederationAllowed();

    boolean isInterfederationSSOStorageAllowed();

    boolean isOutboundSSOInterfederationAllowed();

    // NOTE(review): by their names, the next four members look like test-only switches
    // (test credentials, test trust stores). Nothing in this file restricts where they may
    // be enabled -- confirm that production configurations cannot turn them on.
    boolean isTestCredentialEnabled();

    List getTestCredentialOIDs();

    boolean isUseIDLTestTrustStore();

    boolean isUseAuthBlockTestTestStore();

    /**
     * Returns a {@link PrivateKey}; judging by the method name it is presumably the key used
     * to decrypt encrypted bPKs -- TODO confirm against the implementation.
     *
     * <p>The returned object is key material: callers should not log it, serialize it, or
     * keep it longer than the operation requires.
     *
     * @return the private key; whether {@code null} is possible is not stated in this file
     */
    PrivateKey getBPKDecBpkDecryptionKey();

    // Undocumented interfederation switches (empty @return tags in the original).
    boolean isPassivRequestUsedForInterfederation();

    boolean isPerformLocalAuthenticationOnInterfederationError();

    /**
     * Returns the configured STORK attribute-provider plug-ins.
     *
     * @return collection of plug-ins; may be empty but is never {@code null}
     */
    Collection getStorkAPs();

    List getReversionsLoggingEventCodes();

    /**
     * Returns the sectors for which this service provider requires foreign bPKs.
     *
     * @return list of sectors, or {@code null} when no sectors are defined
     */
    List foreignbPKSectorsRequested();

    /**
     * Returns the sectors for which this service provider requires additional unencrypted
     * bPKs.
     *
     * @return list of sectors, or {@code null} when no sectors are defined
     */
    List additionalbPKSectorsRequested();
}