/* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. 
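*/
package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.config;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.NameIDType;
import org.opensaml.saml2.metadata.ContactPerson;
import org.opensaml.saml2.metadata.Organization;
import org.opensaml.saml2.metadata.RequestedAttribute;
import org.opensaml.xml.security.credential.Credential;

import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.data.Trible;
import at.gv.egiz.eaaf.modules.pvp2.api.IPVP2BasicConfiguration;
import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPVPMetadataBuilderConfiguration;
import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthCredentialProvider;
import at.gv.egovernment.moa.logging.Logger;

/**
 * Metadata-builder configuration for the SAML2 service-provider (SP) role of the
 * eIDAS central authentication module.
 * <p>
 * Only an SPSSODescriptor is emitted (no IDPSSODescriptor, no EntitiesDescriptor
 * root). The entity ID and the AssertionConsumerService endpoints are derived from
 * the {@code authURL} given at construction, the signing/encryption keys come from
 * the {@link EidasCentralAuthCredentialProvider}, and contact/organisation data from
 * the generic PVP configuration. Requested attributes are the module defaults plus
 * any deployment-specific attributes registered via
 * {@link #setAdditionalRequiredAttributes(List)}.
 *
 * @author tlenz
 */
public class EidasCentralAuthMetadataConfiguration implements IPVPMetadataBuilderConfiguration {

  // Deployment-specific requested attributes; stays null until
  // setAdditionalRequiredAttributes() is called with a non-null list.
  private Collection<RequestedAttribute> additionalAttributes = null;

  // Base URL of this authentication service; all SP endpoint URLs are built on it.
  private final String authURL;
  private final EidasCentralAuthCredentialProvider credentialProvider;
  private final IPVP2BasicConfiguration pvpConfiguration;

  /**
   * Creates the metadata configuration.
   *
   * @param authURL            base URL of the authentication service (used as prefix for
   *                           the entity ID and the SP endpoints)
   * @param credentialProvider source of the metadata-signing, request-signing and
   *                           encryption credentials
   * @param pvpConfiguration   generic PVP configuration (contact person, organisation)
   */
  public EidasCentralAuthMetadataConfiguration(String authURL,
      EidasCentralAuthCredentialProvider credentialProvider,
      IPVP2BasicConfiguration pvpConfiguration) {
    this.authURL = authURL;
    this.credentialProvider = credentialProvider;
    this.pvpConfiguration = pvpConfiguration;
  }

  /**
   * Validity period of the generated metadata in hours
   * ({@link EidasCentralAuthConstants#METADATA_VALIDUNTIL_IN_HOURS}).
   */
  @Override
  public int getMetadataValidUntil() {
    return EidasCentralAuthConstants.METADATA_VALIDUNTIL_IN_HOURS;
  }

  /** A single EntityDescriptor is the root element, not an EntitiesDescriptor. */
  @Override
  public boolean buildEntitiesDescriptorAsRootElement() {
    return false;
  }

  /** This module acts as SP only; no IDPSSODescriptor is built. */
  @Override
  public boolean buildIDPSSODescriptor() {
    return false;
  }

  /** The SPSSODescriptor is the only role descriptor in the metadata. */
  @Override
  public boolean buildSPSSODescriptor() {
    return true;
  }

  /**
   * Entity ID of this SP: {@code authURL} followed by the metadata endpoint path.
   */
  @Override
  public String getEntityID() {
    return authURL + EidasCentralAuthConstants.ENDPOINT_METADATA;
  }

  /** No friendly name is published for this entity. */
  @Override
  public String getEntityFriendlyName() {
    return null;
  }

  /**
   * Contact persons from the generic PVP configuration.
   *
   * @return the configured contacts, or {@code null} if they cannot be loaded (the
   *         failure is logged as a warning and metadata generation continues)
   */
  @Override
  public List<ContactPerson> getContactPersonInformation() {
    try {
      return pvpConfiguration.getIDPContacts();
    } catch (EAAFException e) {
      Logger.warn("Can not load Metadata entry: Contect Person", e);
      return null;
    }
  }

  /**
   * Organisation from the generic PVP configuration.
   *
   * @return the configured organisation, or {@code null} if it cannot be loaded (the
   *         failure is logged as a warning and metadata generation continues)
   */
  @Override
  public Organization getOrgansiationInformation() {
    try {
      return pvpConfiguration.getIDPOrganisation();
    } catch (EAAFException e) {
      Logger.warn("Can not load Metadata entry: Organisation", e);
      return null;
    }
  }

  /**
   * Credential used to sign the generated metadata document.
   *
   * @throws CredentialsNotAvailableException if the key cannot be loaded
   */
  @Override
  public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException {
    return credentialProvider.getIDPMetaDataSigningCredential();
  }

  /**
   * Credential published as the signing key of this SP (i.e. the key that signs
   * AuthnRequests sent to the remote IdP).
   * <p>
   * NOTE(review): this reuses the provider's "IDP assertion signing" key for the SP
   * role; confirm that this cross-role key reuse is intended.
   *
   * @throws CredentialsNotAvailableException if the key cannot be loaded
   */
  @Override
  public Credential getRequestorResponseSigningCredentials()
      throws CredentialsNotAvailableException {
    return credentialProvider.getIDPAssertionSigningCredential();
  }

  /**
   * Credential published as the encryption key of this SP, so the remote IdP can
   * encrypt assertions sent to it.
   *
   * @throws CredentialsNotAvailableException if the key cannot be loaded
   */
  @Override
  public Credential getEncryptionCredentials() throws CredentialsNotAvailableException {
    return credentialProvider.getIDPAssertionEncryptionCredential();
  }

  /** No IdP role: no Web-SSO POST endpoint. */
  @Override
  public String getIDPWebSSOPostBindingURL() {
    return null;
  }

  /** No IdP role: no Web-SSO Redirect endpoint. */
  @Override
  public String getIDPWebSSORedirectBindingURL() {
    return null;
  }

  /** No IdP role: no SLO POST endpoint. */
  @Override
  public String getIDPSLOPostBindingURL() {
    return null;
  }

  /** No IdP role: no SLO Redirect endpoint. */
  @Override
  public String getIDPSLORedirectBindingURL() {
    return null;
  }

  /** AssertionConsumerService (HTTP-POST binding): {@code authURL} plus the POST endpoint path. */
  @Override
  public String getSPAssertionConsumerServicePostBindingURL() {
    return authURL + EidasCentralAuthConstants.ENDPOINT_POST;
  }

  /** AssertionConsumerService (HTTP-Redirect binding): {@code authURL} plus the Redirect endpoint path. */
  @Override
  public String getSPAssertionConsumerServiceRedirectBindingURL() {
    return authURL + EidasCentralAuthConstants.ENDPOINT_REDIRECT;
  }

  /** Single logout is not supported by this SP (POST binding). */
  @Override
  public String getSPSLOPostBindingURL() {
    return null;
  }

  /** Single logout is not supported by this SP (Redirect binding). */
  @Override
  public String getSPSLORedirectBindingURL() {
    return null;
  }

  /** Single logout is not supported by this SP (SOAP binding). */
  @Override
  public String getSPSLOSOAPBindingURL() {
    return null;
  }

  /** No IdP role: no attribute list is published. */
  @Override
  public List<Attribute> getIDPPossibleAttributes() {
    return null;
  }

  /** No IdP role: no NameID formats are published for an IdP. */
  @Override
  public List<String> getIDPPossibleNameITTypes() {
    return null;
  }

  /**
   * RequestedAttributes of this SP: the module defaults from
   * {@link EidasCentralAuthConstants#DEFAULT_REQUIRED_PVP_ATTRIBUTES}, overlaid with
   * the deployment-specific attributes set via
   * {@link #setAdditionalRequiredAttributes(List)}.
   * <p>
   * Attributes are keyed by name, so a deployment-specific attribute with the same
   * name replaces the default entry entirely, including its {@code isRequired} flag.
   *
   * @return the merged requested attributes (iteration order unspecified)
   */
  @Override
  public Collection<RequestedAttribute> getSPRequiredAttributes() {
    Map<String, RequestedAttribute> requestedAttributes = new HashMap<String, RequestedAttribute>();

    for (Trible<String, String, Boolean> el : EidasCentralAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTES) {
      requestedAttributes.put(el.getFirst(),
          PVPAttributeBuilder.buildReqAttribute(el.getFirst(), el.getSecond(), el.getThird()));
    }

    if (additionalAttributes != null) {
      Logger.trace("Add additional PVP attributes into metadata ... ");
      for (RequestedAttribute el : additionalAttributes) {
        if (requestedAttributes.containsKey(el.getName())) {
          // Deployment configuration wins over the module default for this attribute name.
          Logger.debug("Attribute " + el.getName()
              + " is already added by default configuration. Overwrite it by user configuration");
        }
        requestedAttributes.put(el.getName(), el);
      }
    }

    return requestedAttributes.values();
  }

  /** Only persistent NameIDs are accepted by this SP. */
  @Override
  public List<String> getSPAllowedNameITTypes() {
    return Arrays.asList(NameIDType.PERSISTENT);
  }

  /** Module name used to identify this SP in log output. */
  @Override
  public String getSPNameForLogging() {
    return EidasCentralAuthConstants.MODULE_NAME_FOR_LOGGING;
  }

  /**
   * {@code WantAssertionsSigned} is published as {@code false}; the metadata does not
   * demand signed assertions from the remote IdP. Signature requirements on received
   * responses/assertions are therefore enforced (if at all) by the response-validation
   * code, not by this metadata — worth confirming there.
   */
  @Override
  public boolean wantAssertionSigned() {
    return false;
  }

  /** AuthnRequests issued by this SP are signed ({@code AuthnRequestsSigned="true"}). */
  @Override
  public boolean wantAuthnRequestSigned() {
    return true;
  }

  /**
   * Add additional PVP attributes that are required by this deployment.
   * <p>
   * Each pair is resolved against the known PVP attribute catalogue; names that are not
   * known PVP attributes are logged and skipped. A non-null list replaces any
   * previously set additional attributes; a {@code null} list leaves them unchanged.
   *
   * @param additionalAttr list of PVP attribute name and isRequired flag
   */
  public void setAdditionalRequiredAttributes(List<Pair<String, Boolean>> additionalAttr) {
    if (additionalAttr == null) {
      return;
    }

    additionalAttributes = new ArrayList<RequestedAttribute>();
    for (Pair<String, Boolean> el : additionalAttr) {
      Attribute attributBuilder = PVPAttributeBuilder.buildEmptyAttribute(el.getFirst());
      if (attributBuilder != null) {
        additionalAttributes.add(
            PVPAttributeBuilder.buildReqAttribute(
                attributBuilder.getName(),
                attributBuilder.getFriendlyName(),
                el.getSecond()));
      } else {
        Logger.info("NO PVP attribute with name: " + el.getFirst());
      }
    }
  }
}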