package at.gv.egovernment.moa.spss.server.iaik.config;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

import iaik.pki.store.truststore.TrustStoreFactory;
import iaik.server.ConfigurationData;
import iaik.server.Configurator;
import iaik.server.modules.keys.KeyEntryID;
import iaik.server.modules.keys.KeyModule;
import iaik.server.modules.keys.KeyModuleFactory;

import at.gv.egovernment.moa.logging.LogMsg;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.KeyGroup;
import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.util.MessageProvider;

/**
 * Initializes the IAIK MOA modules from a MOA configuration and verifies
 * that the configured key groups refer to keys the key module knows about.
 *
 * <p>Key group entries that cannot be matched to a private key entry are
 * reported as warnings only; they do not make {@link #configure} fail.
 * Callers that need a hard guarantee must inspect {@link #getWarnings()}
 * after configuration.</p>
 *
 * @author Patrick Peck
 * @version $Id$
 */
public class IaikConfigurator {

  /** Warning texts collected by the most recent {@link #configure} run. */
  private List warnings = new ArrayList();

  /**
   * Initialize the IAIK MOA subsystem and validate the key group setup.
   *
   * <p>Steps, in order: initialize the IAIK <code>Configurator</code>, log
   * the available private key entry IDs, check every key group entry
   * against them, and reset the <code>TrustStoreFactory</code>.</p>
   *
   * @param moaConfig The MOA configuration to derive the IAIK settings from.
   * @throws ConfigurationException Any failure during the steps above,
   * reported with message ID <code>config.08</code> and the original
   * throwable as cause.
   */
  public void configure(ConfigurationProvider moaConfig)
    throws ConfigurationException {

    ConfigurationData iaikSettings = new ConfigurationDataImpl(moaConfig);

    // Each run starts with an empty list, so getWarnings() only reflects
    // the latest configuration attempt.
    warnings = new ArrayList();

    try {
      TransactionId initTransaction = new TransactionId("IaikConfigurator");

      Configurator.init(iaikSettings, initTransaction);
      dumpKeyEntryIDs();
      checkKeyGroupConfig(moaConfig);
      // NOTE(review): presumably forces trust stores to be rebuilt from the
      // new configuration -- confirm against the IAIK PKI documentation.
      TrustStoreFactory.reset();
    } catch (iaik.server.ConfigurationException iaikFailure) {
      throw new ConfigurationException("config.08", null, iaikFailure);
    } catch (Throwable anyFailure) {
      // Deliberately broad: runtime exceptions and Errors raised during
      // initialization (including a NullPointerException from the key group
      // check) are also surfaced as a configuration failure.
      throw new ConfigurationException("config.08", null, anyFailure);
    }
  }

  /**
   * Return the warnings collected by the last {@link #configure} call.
   *
   * <p>The returned list is the internal, mutable instance, not a copy.</p>
   *
   * @return The warning texts; empty if none were recorded.
   */
  public List getWarnings() {
    return warnings;
  }

  /**
   * Write every private key entry ID known to the key module to the log at
   * info level, using message ID <code>config.19</code>.
   */
  private void dumpKeyEntryIDs() {
    MessageProvider messages = MessageProvider.getInstance();
    KeyModule keyModule =
      KeyModuleFactory.getInstance(new TransactionId("dump"));
    Iterator ids = keyModule.getPrivateKeyEntryIDs().iterator();

    while (ids.hasNext()) {
      KeyEntryID id = (KeyEntryID) ids.next();
      // NOTE(review): what ends up in the log depends on how KeyEntryID
      // renders itself -- presumably identifiers only, no key material;
      // confirm before relaxing access to these logs.
      Object[] messageArgs = new Object[] { id };
      String text = messages.getMessage("config.19", messageArgs);

      Logger.info(new LogMsg(text));
    }
  }

  /**
   * Verify that every entry of every configured key group matches a private
   * key entry ID of the key module.
   *
   * <p>An unmatched entry is reported through {@link #warn} with message ID
   * <code>config.31</code>; processing continues with the next entry.</p>
   *
   * @param moaConfig The MOA configuration whose key groups are checked.
   */
  private void checkKeyGroupConfig(ConfigurationProvider moaConfig) {
    Map groupsById = moaConfig.getKeyGroups();
    Iterator groups = groupsById.values().iterator();

    while (groups.hasNext()) {
      KeyGroup group = (KeyGroup) groups.next();
      Iterator members = group.getKeyGroupEntries().iterator();

      while (members.hasNext()) {
        KeyGroupEntry member = (KeyGroupEntry) members.next();

        if (findKeyEntryID(member)) {
          continue;
        }
        // Not fatal: the misconfigured entry is only recorded as a warning.
        warn(
          "config.31",
          new Object[] {
            group.getId(),
            member.getModuleID(),
            member.getIssuerDN(),
            member.getSerialNumber()});
      }
    }
  }

  /**
   * Tell whether the key module holds a private key entry matching the
   * given key group entry.
   *
   * <p>A match requires the certificate issuer, the certificate serial
   * number and the module ID to be equal (via <code>equals</code>), tested
   * in that order.</p>
   *
   * @param keyGroupEntry The key group entry to look up.
   * @return <code>true</code> if a matching <code>KeyEntryID</code> exists;
   * otherwise <code>false</code>.
   */
  private boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) {
    KeyModule keyModule =
      KeyModuleFactory.getInstance(new TransactionId("check"));
    Iterator candidates = keyModule.getPrivateKeyEntryIDs().iterator();

    while (candidates.hasNext()) {
      KeyEntryID candidate = (KeyEntryID) candidates.next();

      // NOTE(review): the result depends on the equals() semantics of the
      // issuer/serial/module types (e.g. DN normalization) -- confirm.
      if (!candidate.getCertificateIssuer().equals(
        keyGroupEntry.getIssuerDN())) {
        continue;
      }
      if (!candidate.getCertificateSerialNumber().equals(
        keyGroupEntry.getSerialNumber())) {
        continue;
      }
      if (candidate.getModuleID().equals(keyGroupEntry.getModuleID())) {
        return true;
      }
    }
    return false;
  }

  /**
   * Resolve a message, log it as a warning and remember it for
   * {@link #getWarnings()}.
   *
   * @param messageId The ID of the message to resolve.
   * @param args The arguments to fill into the message.
   * @see MessageProvider
   */
  private void warn(String messageId, Object[] args) {
    String text = MessageProvider.getInstance().getMessage(messageId, args);

    Logger.warn(new LogMsg(text));
    warnings.add(text);
  }

}