/*
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */
package at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.stereotype.Component;

import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;

/**
 * @author tlenz
 *
 */
@Component("EvaluateMandateServiceTask")
public class EvaluateMandateServiceTask extends AbstractAuthServletTask {

	/* (non-Javadoc)
	 * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
	 */
	@Override 
	public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
			throws TaskExecutionException {
		try {
			boolean useMIS = getUserConfermationFromRequest(request, MOAIDAuthConstants.PARAM_USEMISMANDATE);
			boolean useELGA = getUserConfermationFromRequest(request, MOAIDAuthConstants.PARAM_USEELGAMANDATE);
			
			//check if both mandate Services are requested
			if ( useMIS && useELGA ) {
				Logger.error("Can not use MIS-MandateService and ELGA-MandateService twince");
				throw new MOAIDException("validator.73", null);
				
			}
			
			//select next process step
			if (useELGA) {
				//validate service-provider again
				if (!ELGAMandateUtils.checkServiceProviderAgainstELGAModulConfigration(authConfig, pendingReq)) {
					Logger.info("Service-Provider: " + pendingReq.getServiceProviderConfiguration().getUniqueIdentifier() 
							+ " does not fulfill requirements to use ELGA-MandateService.");
					throw new MOAIDException("service.10", new Object[]{
							ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING,
							"No valid mandate-profile defined"});
				
				}
				
				executionContext.put(MOAIDAuthConstants.PARAM_USEELGAMANDATE, useELGA);
				Logger.debug("ELGA Mandate-Service is selected. Initialize service communication ... ");
				
			} else if(useMIS) {
				executionContext.put(MOAIDAuthConstants.PARAM_USEMISMANDATE, useMIS);
				Logger.debug("MIS Mandate-Service is selected. Initialize service communication ... ");
				
				
			} else {
				//mark pending-request as aborted
				Logger.info("No Mandate-Service is selected. Abort authentication process ... ");
				pendingReq.setAbortedByUser(true);
				pendingReq.setAuthenticated(false);
				
				//store pending-request
				requestStoreage.storePendingRequest(pendingReq);
				
				//redirect to protocol finalization
				performRedirectToProtocolFinialization(pendingReq, response);
				
			}
			
		} catch (MOAIDException e) {
			Logger.info("Evaluation of Mandate-Service selection FAILED. Reason:" + e.getMessage());
			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
			
		} catch (Exception e) {
			Logger.info("Mandate-Service selection evaluation: General Exception. Msg:" + e.getMessage());
			throw new TaskExecutionException(pendingReq, "ELGA mandate-service: General Exception.", e);
			
		}

	}

	private boolean getUserConfermationFromRequest(HttpServletRequest httpReq, String paramName) throws WrongParametersException {
		String paramString = httpReq.getParameter(paramName);
		paramString = StringEscapeUtils.escapeHtml(paramString);
		if (!ParamValidatorUtils.isValidUseMandate(paramString))
			throw new WrongParametersException("Mandate-Service selection-evaluation", paramName, null);
		
		if (MiscUtil.isNotEmpty(paramString))
			return Boolean.parseBoolean(paramString);
		
		else
			return false;
		
	}
}