/*******************************************************************************
 * Copyright 2019 Graz University of Technology
 * MOA ZS has been developed in a cooperation between EGIZ
 * and Graz University of Technology.
 * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * https://joinup.ec.europa.eu/news/understanding-eupl-v12
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 *******************************************************************************/
package at.gv.egiz.moazs.config;

import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService;
import at.gv.egiz.moazs.util.FileUtils;
import at.gv.egiz.moazs.backend.SignatureVerifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.function.Consumer;

/**
 * @author Christof Rabensteiner
 *
 */
@Configuration
public class MoaSigConfig {

    private static final Logger log = LoggerFactory.getLogger(MoaSigConfig.class);

    private static final String MOA_SPSS_CONFIG_FILE_PROPERTY = "moa.spss.server.configuration";
    private static final String JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY = "javax.net.ssl.trustStoreType";
    private static final String JAVAX_SSL_KEYSTORE_TYPE_PROPERTY = "javax.net.ssl.keyStoreType";
    private static final String SET_PROPERTY_MSG_TEMPLATE = "Set system property '{}' to {}" ;

    private final String trustStoreType;
    private final String keyStoreType;
    private final String defaultTrustProfile;
    private final String spssConfigFilePath;
    private final FileUtils fileUtils;

    public MoaSigConfig(@Value("${javax.net.ssl.trustStoreType}") String trustStoreType,
                        @Value("${javax.net.ssl.keyStoreType}") String keyStoreType,
                        @Value("${moa.spss.server.default-trustprofile}") String defaultTrustProfile,
                        @Value("${moa.spss.server.configuration}") String spssConfigFilePath,
                        @Autowired FileUtils fileUtils) throws IOException {
        this.trustStoreType = trustStoreType;
        this.keyStoreType = keyStoreType;
        this.defaultTrustProfile = defaultTrustProfile;
        this.spssConfigFilePath = spssConfigFilePath;
        this.fileUtils = fileUtils;
        fallBackToSpringEnvForMoaSPSSConfigProperty();
        fallBackToSpringEnvForJavaxNetSSLStoreTypeProperty();
    }

    private void fallBackToSpringEnvForMoaSPSSConfigProperty() throws IOException {
        log.debug("Value of spssConfigFilePath is {}", spssConfigFilePath);

        if(System.getProperty(MOA_SPSS_CONFIG_FILE_PROPERTY) == null) {

            var realFile = new File(fileUtils.determinePath(spssConfigFilePath));
            log.debug("spssConfigFilePath.getCanonicalPath(): {}", realFile.getCanonicalPath());

            if(realFile.exists() && realFile.canRead()) {
                log.debug(SET_PROPERTY_MSG_TEMPLATE, MOA_SPSS_CONFIG_FILE_PROPERTY, realFile.getCanonicalPath());
                System.getProperties().setProperty(MOA_SPSS_CONFIG_FILE_PROPERTY, realFile.getCanonicalPath());
            } else {
                throw new FileNotFoundException("File '" + realFile.getCanonicalPath() + "' does not exist or is not readable.");
            }
        }
    }

    private void fallBackToSpringEnvForJavaxNetSSLStoreTypeProperty() {
        if (System.getProperty(JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY) == null) {
            log.info(SET_PROPERTY_MSG_TEMPLATE, JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY, trustStoreType);
            System.getProperties().setProperty(JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY, trustStoreType);
        }

        if (System.getProperty(JAVAX_SSL_KEYSTORE_TYPE_PROPERTY) == null) {
            log.info(SET_PROPERTY_MSG_TEMPLATE, JAVAX_SSL_KEYSTORE_TYPE_PROPERTY, keyStoreType);
            System.getProperties().setProperty(JAVAX_SSL_KEYSTORE_TYPE_PROPERTY, keyStoreType);
        }
    }

    @Bean
    public String moaSPSSServerDefaultTrustProfile() {
        return defaultTrustProfile;
    }

    @Bean
    public ISignatureVerificationService moaSigVerifyService() {
        return new SignatureVerificationService();
    }

    @Bean
    public Consumer<byte[]> signatureVerifier(@Value("${moa.spss.is-active}") boolean isMoaSPSSActive,
                                              @Value("${moa.spss.is-manifest-check-active}") boolean isManifestCheckActive) {
        if (isMoaSPSSActive) {
            log.info("Moa SPSS is active. Signatures in SOAP Messages will be verified.");
            return new SignatureVerifier(moaSigVerifyService(), defaultTrustProfile, isManifestCheckActive);
        } else {
            log.warn("Moa SPSS is not active. Signatures in SOAP Messages will not be verified.");
            return signedXMLdocument -> {};
        }
    }
}