package at.gv.egovernment.moa.id.auth.modules.internal.tasks;

import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.REQ_VERIFY_CERTIFICATE;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.BooleanUtils;
import org.springframework.stereotype.Component;

import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
import at.gv.egovernment.moa.logging.Logger;

/**
 * Creates {@code InfoBoxReadRequest} in order to read the subject's certificates.<p/>
 * In detail:
 * <ul>
 * <li>Renames the moa session id.</li>
 * <li>Creates {@code InfoBoxReadRequest} in order to read the subject's certificates.</li>
 * <li>Responds with {@code InfoBoxReadRequest} (for CCE), {@code DataURL} is {@code /VerifyCertificate}</li>
 * </ul>
 * Expects:
 * <ul>
 * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
 * </ul>
 * Result:
 * <ul>
 * <li>Responds with {@code InfoBoxReadRequest} (for CCE), {@code DataURL} is {@code /VerifyCertificate}</li>
 * </ul>
 * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet}.
 * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
 *
 */
@Component("CertificateReadRequestTask")
public class CertificateReadRequestTask extends AbstractAuthServletTask {

	@Override
	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
			throws TaskExecutionException {
		Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
					
		try { 
			//execute default task initialization   
			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); 
			boolean useMandate = moasession.isMandateUsed();
			boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable"));	
			if (!identityLinkAvailable && useMandate) {
				Logger.error("Online-Mandate Mode for foreign citizencs not supported.");
				throw new AuthenticationException("auth.13", null);
			}
			
			// create the InfoboxReadRequest to get the certificate
			String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true);

			// build dataurl (to the VerifyCertificateSerlvet)
			String dataurl = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), REQ_VERIFY_CERTIFICATE,
					pendingReq.getPendingRequestId());

			CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest,
					AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
		
		} catch (MOAIDException ex) {
			throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);
					
		} catch (IOException e) {
			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
			
		} finally {
			
		}		

	}

}