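package at.gv.egovernment.moa.id.auth.modules.internal.tasks;

import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.PARAM_XMLRESPONSE;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.fileupload.FileUploadException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import org.springframework.util.Base64Utils;

import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.logging.SpecificTraceLogger;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;

/**
 * Verifies the signed authentication block (provided as {@code CreateXMLSignatureResponse}).
 *
 * <p>In detail:
 * <ul>
 * <li>Parses the request parameters and reads {@code PARAM_XMLRESPONSE}.</li>
 * <li>Writes the received value, Base64 encoded, to the {@link SpecificTraceLogger}.</li>
 * <li>Rejects the request unless {@link ParamValidatorUtils#isValidXMLDocument} accepts the value.</li>
 * <li>Loads the {@link AuthenticationSessionWrapper} from the pending request and records the
 * remote host of the caller as a revision-log event.</li>
 * <li>Delegates the verification to
 * {@code AuthenticationServer.verifyAuthenticationBlock(...)}.</li>
 * <li>Stores the pending request again.</li>
 * </ul>
 *
 * <p>Expects:
 * <ul>
 * <li>The request parameter {@code PARAM_XMLRESPONSE} holding the {@code CreateXMLSignatureResponse}.</li>
 * </ul>
 *
 * <p>Result:
 * <ul>
 * <li>The pending request is persisted after a successful verification. Which session attributes
 * the authentication server sets is not visible in this class.</li>
 * </ul>
 *
 * <p>Possible branches:
 * <ul>
 * <li>Every failure ends the task with a {@link TaskExecutionException}.</li>
 * </ul>
 *
 * <p>Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet}.
 *
 * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
 */
@Component("VerifyAuthenticationBlockTask")
public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {

    @Autowired
    @Qualifier("CitizenCardAuthenticationServer")
    private AuthenticationServer authServer;

    /**
     * Validates and verifies the signed authentication block posted by the client.
     *
     * @param executionContext process execution context (not read by this task)
     * @param req request carrying the {@code PARAM_XMLRESPONSE} parameter
     * @param resp response (not written by this task)
     * @throws TaskExecutionException if the parameters cannot be parsed, the posted value is not
     *         accepted as an XML document, or the verification fails
     */
    @Override
    public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
            throws TaskExecutionException {

        Logger.debug("POST VerifyAuthenticationBlock");

        // Wildcard instead of a raw Map; the value is cast explicitly below.
        Map<?, ?> parameters;
        try {
            parameters = getParameters(req);

        } catch (FileUploadException | IOException e) {
            // Pass the exception to the logger and keep it as cause, so the parser failure
            // stays diagnosable instead of being reduced to its message text.
            Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage(), e);
            throw new TaskExecutionException(pendingReq,
                    "Parsing mulitpart/form-data request parameters failed",
                    new IOException(e.getMessage(), e));
        }

        String createXMLSignatureResponse = (String) parameters.get(PARAM_XMLRESPONSE);

        if (createXMLSignatureResponse != null) {
            // The value is still unvalidated client input here. Base64 keeps it on one log line,
            // so embedded line breaks cannot forge log entries. An explicit charset makes the
            // recorded bytes independent of the platform default.
            // NOTE(review): the signed block presumably contains identity data and its size is
            // not limited here - confirm the trace log is access restricted and size bounded.
            SpecificTraceLogger.trace("Raw signed AuthBlock: "
                    + Base64Utils.encodeToString(createXMLSignatureResponse.getBytes(StandardCharsets.UTF_8)));
        }

        try {
            // check if authblock is received
            if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse)) {
                throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
            }

            // execute default task initialization
            AuthenticationSessionWrapper moasession =
                    pendingReq.getSessionData(AuthenticationSessionWrapper.class);

            // NOTE(review): the event is named ..._IP but getRemoteHost() may return a resolved
            // host name, and behind a reverse proxy it is the proxy's address - confirm that
            // this is the value wanted in the revision log.
            revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP,
                    req.getRemoteHost());

            // verify authBlock
            authServer.verifyAuthenticationBlock(pendingReq, moasession, createXMLSignatureResponse);

            // store pending request with new MOASession data information
            requestStoreage.storePendingRequest(pendingReq);

        } catch (MOAIDException ex) {
            throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);

        } catch (Exception e) {
            Logger.error("AuthBlockValidation has an interal Error.", e);
            // NOTE(review): the message of an unexpected exception becomes the task error
            // message; confirm it is not shown to the end user unfiltered.
            throw new TaskExecutionException(pendingReq, e.getMessage(), e);
        }
    }
}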