/*
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */
package at.gv.egovernment.moa.id.auth.modules.bkamobileauthtests;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.PostConstruct;

import org.springframework.beans.factory.annotation.Autowired;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.auth.modules.bkamobileauthtests.tasks.FirstBKAMobileAuthTask;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;

/**
 * @author tlenz
 *
 */
public class BKAMobileAuthModule implements AuthModule {

	private int priority = 2;
	
	@Autowired(required=true) protected AuthConfiguration authConfig;
	@Autowired(required=true) private IAuthenticationManager authManager;
	
	private List<String> uniqueIDsDummyAuthEnabled = new ArrayList<String>();
	private String noAuthHeaderValue = null;
	
	/* (non-Javadoc)
	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
	 */
	@Override
	public int getPriority() {
		return priority; 
	}

	/**
	 * Sets the priority of this module. Default value is {@code 0}.
	 * @param priority The priority.
	 */
	public void setPriority(int priority) {
		this.priority = priority;
	}
	
	@PostConstruct
	public void initialDummyAuthWhiteList() {
		String sensitiveSpIdentifier = authConfig.getBasicConfiguration("modules.bkamobileAuth.entityID");
		noAuthHeaderValue = authConfig.getBasicConfiguration("modules.bkamobileAuth.noAuthHeaderValue", "0");
		Logger.info("Dummy authentication is sensitive on 'X-MOA-VDA' value: " + noAuthHeaderValue);
		
		if (MiscUtil.isNotEmpty(sensitiveSpIdentifier)) {
			uniqueIDsDummyAuthEnabled.addAll(KeyValueUtils.getListOfCSVValues(sensitiveSpIdentifier));
			
			if (!uniqueIDsDummyAuthEnabled.isEmpty()) {
				Logger.info("Dummy authentication is enabled for ....");
				for (String el : uniqueIDsDummyAuthEnabled)
					Logger.info("   EntityID: " + el);
			}
		}
		
		//parameter to whiteList
		authManager.addParameterNameToWhiteList(FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW);
//		authManager.addHeaderNameToWhiteList("SL2ClientType");
//		authManager.addHeaderNameToWhiteList("X-MOA-VDA");
	}
	
	/* (non-Javadoc)
	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
	 */
	@Override
	public String selectProcess(ExecutionContext context, IRequest pendingReq) {		
		String spEntityID = (String) context.get(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID);
		String sl20ClientTypeHeader = (String) context.get("SL2ClientType".toLowerCase());
		String sl20VDATypeHeader = (String)  context.get("X-MOA-VDA".toLowerCase());				
		if (MiscUtil.isNotEmpty(spEntityID)) {
			Logger.trace("Check dummy-auth for SP: " + spEntityID);
			
			
			if ( (uniqueIDsDummyAuthEnabled.contains(spEntityID))) {
				String eIDBlob = (String)context.get(FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW);
				if (eIDBlob != null && MiscUtil.isNotEmpty(eIDBlob.trim())) {				
					return "BKAMobileAuthentication";
					
				} else if (MiscUtil.isNotEmpty(sl20ClientTypeHeader) 
						&& MiscUtil.isNotEmpty(sl20VDATypeHeader) && sl20VDATypeHeader.equals(noAuthHeaderValue)) {
					Logger.info("Find dummy-auth request for oe.gv.at demos ... ");
					return "BKAMobileAuthentication";
					
				} else {
					Logger.debug("Dummy-auth are enabled for " + spEntityID + " but no '"
							+ FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW + "' req. parameter available.");
					
				}
				
			} else
				Logger.debug("Unique SP-Id: " + spEntityID + " is not in whitelist of mobile-auth module.");
						
		} else
			Logger.debug("No unique service-provider identifier!");
		
		return null;
	}

	/* (non-Javadoc)
	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
	 */
	@Override
	public String[] getProcessDefinitions() {
		return new String[] { "classpath:/BKAMobileAuth.process.xml" };
	}

}