/*
 * Copyright 2003 Federal Chancellery Austria
 * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */


package at.gv.egovernment.moa.spss.server.invoke;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;

import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;

import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.MOASystemException;
import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
import at.gv.egovernment.moa.spss.api.xmlverify.SignatureManifestCheckParams;
import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfileExplicit;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl;
import at.gv.egovernment.moa.spss.server.iaik.xmlverify.XMLSignatureVerificationProfileImpl;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;

/**
 * A factory to create a <code>XMLSignatureVerificationProfile</code> from a
 * <code>VerifyXMLSignatureRequest</code>, based on the current MOA
 * configuration.
 * 
 * @author Patrick Peck
 * @version $Id$
 */
public class XMLSignatureVerificationProfileFactory {

  /** The <code>VerifyXMLSignatureRequest</code> for which to create profile
   * information. */
  private VerifyXMLSignatureRequest request;

  /**
   * Create a new <code>XMLSignatureVerificationProfileFactory</code>.
   * 
   * @param request The <code>VerifyXMLSignatureRequest</code> to extract 
   * profile data from.
   */
  public XMLSignatureVerificationProfileFactory(VerifyXMLSignatureRequest request) {
    this.request = request;
  }

  /**
   * Create a <code>XMLSignatureCreationProfile</code> from the
   * <code>VerifyXMLSignaturesRequest</code> and the current MOA configuration.
   * 
   * @return The <code>XMLSignatureVerificationProfile</code> containing
   * additional information for verifying an XML signature.
   * @throws MOASystemException A system error occurred building the profile.
   * @throws MOAApplicationException An error occurred building the profile.
   */
  public XMLSignatureVerificationProfile createProfile()
    throws MOASystemException, MOAApplicationException {
    TransactionContext context =
      TransactionContextManager.getInstance().getTransactionContext();
    ConfigurationProvider config = context.getConfiguration();
    XMLSignatureVerificationProfileImpl profile =
      new XMLSignatureVerificationProfileImpl();
    SignatureManifestCheckParams checkParams;
    String trustProfileID;

    // set whether to check XMLDsig manifests
    profile.setCheckXMLDsigManifests(true);

    // set the certificate validation profile
    trustProfileID = request.getTrustProfileId();
    profile.setCertificateValidationProfile(
      new PKIProfileImpl(config, trustProfileID));

    // set whether hash input data is to be included
    profile.setIncludeHashInputData(request.getReturnHashInputData());

    // set the security layer manifest check parameters
    // and transformation supplements (if present) 
    checkParams = request.getSignatureManifestCheckParams();
    profile.setCheckSecurityLayerManifest(true);
    profile.setIncludeReferenceInputData(checkParams != null ? checkParams.getReturnReferenceInputData() : false);
    if (checkParams != null) {
        List transformationSupplements;
        transformationSupplements = buildTransformationSupplements();
        profile.setTransformationSupplements(transformationSupplements);
    } else {
        profile.setTransformationSupplements(Collections.EMPTY_LIST);
    }
    
    profile.setPermitFileURIs(config.getPermitFileURIs());
    
    return profile;
  }

  /**
   * Build supplemental data objects used in the transformations.
   * 
   * @return A <code>List</code> of <code>DataObject</code>s providing
   * supplemental data to the transformations.
   * @throws MOASystemException A system error occurred building one of the
   * transformations.
   * @throws MOAApplicationException An error occurred building one of the
   * transformations.
   */
  public List buildTransformationSupplements()
    throws MOASystemException, MOAApplicationException {
    TransactionContext context =
      TransactionContextManager.getInstance().getTransactionContext();
    ConfigurationProvider config = context.getConfiguration();
    SignatureManifestCheckParams checkParams =
      request.getSignatureManifestCheckParams();
    List transformsProfiles = new ArrayList();
    List transformationSupplements = new ArrayList();
    DataObjectFactory factory = DataObjectFactory.getInstance();
    List refInfos = checkParams.getReferenceInfos();
    Iterator refIter;
    Iterator prIter;
    Iterator trIter;

    // build the list of all VerifyTransformsInfoProfiles in all ReferenceInfos
    refInfos = checkParams.getReferenceInfos();
    for (refIter = refInfos.iterator(); refIter.hasNext();) {
      ReferenceInfo refInfo = (ReferenceInfo) refIter.next();
      List profiles = refInfo.getVerifyTransformsInfoProfiles();

      transformsProfiles.addAll(
        ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config));
    }

    // build the DataObjects
    for (prIter = transformsProfiles.iterator(); prIter.hasNext();) {
      VerifyTransformsInfoProfileExplicit profile =
        (VerifyTransformsInfoProfileExplicit) prIter.next();
      List transformParameters = profile.getTransformParameters();

      for (trIter = transformParameters.iterator(); trIter.hasNext();) {
        TransformParameter trParam = (TransformParameter) trIter.next();
        transformationSupplements.add(
          factory.createFromTransformParameter(trParam));
      }
    }
    
    return transformationSupplements;
  }

}