/*******************************************************************************
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 *******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.protocol;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;

import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidGrantException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20OANotSupportedException;
import at.gv.egovernment.moa.logging.Logger;

@Component("OAuth20TokenRequest")
@Scope(value = BeanDefinition.SCOPE_PROTOTYPE)
class OAuth20TokenRequest extends OAuth20BaseRequest {
	
	/**
	 * @param req
	 * @throws ConfigurationException
	 */
	public OAuth20TokenRequest() {
		super();
		//AuthnRequest needs authentication
		this.setNeedAuthentication(false);

		//set protocol action, which should be executed after authentication
		this.setAction(OAuth20TokenAction.class.getName());
	}

	private static final long serialVersionUID = 1L;
	
	private String code;
	private String grantType;
	private String clientID;
	private String clientSecret;
	
	/**
	 * @return the code
	 */
	public String getCode() {
		return code;
	}
	
	/**
	 * @param code
	 *            the code to set
	 */
	public void setCode(String code) {
		this.code = code;
	}
	
	/**
	 * @return the grantType
	 */
	public String getGrantType() {
		return grantType;
	}
	
	/**
	 * @param grantType
	 *            the grantType to set
	 */
	public void setGrantType(String grantType) {
		this.grantType = grantType;
	}
	
	/**
	 * @return the clientID
	 */
	public String getClientID() {
		return clientID;
	}
	
	/**
	 * @param clientID
	 *            the clientID to set
	 */
	public void setClientID(String clientID) {
		this.clientID = clientID;
	}
	
	/**
	 * @return the clientSecret
	 */
	public String getClientSecret() {
		return clientSecret;
	}
	
	/**
	 * @param clientSecret
	 *            the clientSecret to set
	 */
	public void setClientSecret(String clientSecret) {
		this.clientSecret = clientSecret;
	}
	
	@Override
	protected void populateSpecialParameters(HttpServletRequest request, IConfiguration authConfig, ISPConfiguration oaParam) throws OAuth20Exception {
		this.setCode(this.getParam(request, OAuth20Constants.RESPONSE_CODE, true));
		this.setGrantType(this.getParam(request, OAuth20Constants.PARAM_GRANT_TYPE, true));
		this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true));
		this.setClientSecret(this.getParam(request, OAuth20Constants.PARAM_CLIENT_SECRET, true));
		
		// check for grant type
		if (!this.getGrantType().equals(OAuth20Constants.PARAM_GRANT_TYPE_VALUE_AUTHORIZATION_CODE)) {
			throw new OAuth20InvalidGrantException();
		}
		
		// OAOAUTH20 cannot be null at this point. check was done in base request		
		if (StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET)) 
				|| StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID)))
			throw new OAuth20OANotSupportedException();
									
		if (!this.getClientID().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))) {
			throw new OAuth20AccessDeniedException();
		}
		
		if (!this.getClientSecret().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET))) {
			throw new OAuth20AccessDeniedException();
		}
		
		this.setOnlineApplicationConfiguration(oaParam);
		
		Logger.info("Dispatch OpenIDConnect TokenRequest: ClientID=" + this.clientID);
		
		//add valid parameters
		this.allowedParameters.add(OAuth20Constants.PARAM_SCOPE);
		this.allowedParameters.add(OAuth20Constants.PARAM_REDIRECT_URI);
	}

//	/* (non-Javadoc)
//	 * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
//	 */
//	@Override
//	public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
//		return null;
//	}
}