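/**
 *
 */
package at.knowcenter.wag.egov.egiz.sig.connectors.moa;

import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
import at.knowcenter.wag.egov.egiz.exceptions.WebException;
import at.knowcenter.wag.egov.egiz.sig.SignatureData;
import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
import at.knowcenter.wag.egov.egiz.tools.FileHelper;

/**
 * Connects to MOA providing the Data detached as LocRef on a local resource.
 *
 * <p>
 * As written, the connector is incomplete: the location reference is a fixed
 * developer-local file URL and {@link #analyzeSignResponse(Properties)} does
 * not parse the response yet (it returns {@code null}).
 * </p>
 *
 * @author wprinz
 */
public class DetachedLocRefMOAConnector
{
  /**
   * The SIG_ID prefix.
   */
  public static final String SIG_ID_PREFIX = "etsi-bku-detached@"; //$NON-NLS-1$

  /**
   * The log.
   */
  private static final Log log = LogFactory.getLog(DetachedLocRefMOAConnector.class);

  /**
   * The environment configuration of this connector containing templates and
   * other configurable elements.
   */
  protected Environment environment = null;

  /**
   * Constructor that builds the configuration environment for this connector
   * according to the given profile.
   *
   * <p>
   * If configuration parameters are not defined on that profile, the default
   * parameters defined in the configuration are used.
   * </p>
   *
   * @param profile
   *          The profile from which the Environment should be assembled.
   * @throws SettingsException
   *           Forwarded from the {@link Environment} constructor.
   * @throws SignatureException
   *           Forwarded from the {@link Environment} constructor, e.g. when a
   *           request template cannot be read.
   */
  public DetachedLocRefMOAConnector(String profile) throws SignatureException, SettingsException
  {
    this.environment = new Environment(profile);
  }

  /**
   * Prepares the sign request xml to be sent using the sign request template.
   *
   * <p>
   * The key identifier, the location reference and the mime type are
   * substituted into the template as literal text.
   * </p>
   *
   * @param data
   *          The SignatureData. Only its mime type is read here.
   * @return Returns the sign request xml to be sent.
   * @throws SignatureException
   *           Declared for callers and overriding classes; nothing in this
   *           body throws it directly.
   */
  protected String prepareSignRequest(SignatureData data) throws SignatureException
  {
    log.debug("prepareSignRequestDetached:"); //$NON-NLS-1$

    String sign_request_template = this.environment.getSignRequestTemplate();
    String sign_key_identifier = this.environment.getSignKeyIdentifier();

    // NOTE(review): the location reference is a fixed, developer-local file
    // URL and is not derived from the SignatureData. It needs to come from the
    // data or the configuration before this connector can be used.
    String loc_ref_content = // "http://wwwx.google.at";
    // this doesn't work - MOA always complains that file system access is
    // forbidden
    "file:///C:/wprinz/Filer/egiz2/test.utf8.txt"; //$NON-NLS-1$

    String mime_type = data.getMimeType();

    if (log.isDebugEnabled())
    {
      log.debug("sign keybox identifier = " + sign_key_identifier); //$NON-NLS-1$
      log.debug("LocRefContent = " + loc_ref_content); //$NON-NLS-1$
      log.debug("mime type = " + mime_type); //$NON-NLS-1$
    }

    // String.replaceFirst interprets '$' and '\' in the replacement as group
    // references and escapes. The values are quoted so that they are inserted
    // literally and cannot trigger an IllegalArgumentException or a silent
    // group substitution.
    //
    // NOTE(review): the values are placed into the XML request verbatim. If the
    // mime type or key identifier can contain markup characters, they must be
    // XML-escaped for the position the template puts them in - confirm against
    // the template.
    String sign_request_xml = sign_request_template.replaceFirst(TemplateReplaces.KEY_IDENTIFIER_REPLACE, Matcher.quoteReplacement(sign_key_identifier));
    sign_request_xml = sign_request_xml.replaceFirst(TemplateReplaces.LOC_REF_CONTENT_REPLACE, Matcher.quoteReplacement(loc_ref_content));
    sign_request_xml = sign_request_xml.replaceFirst(TemplateReplaces.MIME_TYPE_REPLACE, Matcher.quoteReplacement(mime_type));

    log.debug("prepareSignRequestDetached finished."); //$NON-NLS-1$
    return sign_request_xml;
  }

  /**
   * Analyzes the sign response xml and extracts the signature data.
   *
   * <p>
   * Currently only the error check is performed; parsing of the response is
   * commented out, so this method always returns {@code null} when the error
   * check passes.
   * </p>
   *
   * @param response_properties
   *          The response properties containing the response String and
   *          transport related information.
   * @return Returns the extracted data encapsulated in a SignatureObject;
   *         {@code null} as long as the response parsing is not implemented.
   * @throws SignatureException
   *           Presumably raised by the response error check - confirm against
   *           {@code BKUHelper.checkResponseForError}.
   */
  public SignSignatureObject analyzeSignResponse(Properties response_properties) throws SignatureException
  {
    log.debug("analyzeSignResponse:"); //$NON-NLS-1$

    String response_string = response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY);

    BKUHelper.checkResponseForError(response_string);

    // TODO response parsing is not implemented for this connector yet:
    // SignSignatureObject so = parseCreateXMLResponse(response_string);

    log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
    return null;// so;
  }

  /**
   * Performs a sign.
   *
   * @param data
   *          The data to be signed.
   * @return Returns the signature object containing the signature data.
   * @throws SignatureException
   *           If the request cannot be sent or the response reports an error.
   * @throws WebException
   *           Declared for callers; nothing in this body throws it directly.
   * @throws IllegalStateException
   *           If the response analysis yields no signature object.
   */
  public SignSignatureObject doSign(SignatureData data) throws SignatureException, WebException
  {
    log.debug("doSign:"); //$NON-NLS-1$

    String sign_request_xml = prepareSignRequest(data);

    // Build the full request/response dumps only when debug logging is on.
    if (log.isDebugEnabled())
    {
      log.debug("sign_request_xml = " + sign_request_xml); //$NON-NLS-1$
    }

    String url = this.environment.getSignURL();
    Properties response_properties = sendRequest(url, MOASoapConnection.SERVICE_SIGN, sign_request_xml, data);

    if (log.isDebugEnabled())
    {
      log.debug("response_string = " + response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY)); //$NON-NLS-1$
    }

    SignSignatureObject sso = analyzeSignResponse(response_properties);

    // analyzeSignResponse of this class returns null. Fail with a clear
    // message instead of a NullPointerException on the field access below.
    if (sso == null)
    {
      throw new IllegalStateException("analyzeSignResponse returned no signature object"); //$NON-NLS-1$
    }

    // TODO this could be made more generic
    sso.response_properties = response_properties;

    log.debug("doSign finished."); //$NON-NLS-1$
    return sso;
  }

  /**
   * Sends the request to MOA and returns the response properties.
   *
   * @param url
   *          The URL of the MOA service.
   * @param mode
   *          The service mode. NOTE(review): currently ignored - the call
   *          always uses {@code MOASoapConnection.SERVICE_SIGN}; confirm
   *          whether {@code mode} should be passed through.
   * @param request_string
   *          The request xml to be sent.
   * @param data
   *          The SignatureData. Not used by this implementation.
   * @return Returns the response properties of the connection.
   * @throws SignatureException
   *           With error code 320 wrapping any exception raised while
   *           connecting.
   */
  protected Properties sendRequest(String url, String mode, String request_string, SignatureData data) throws SignatureException
  {
    try
    {
      Properties response_properties = MOASoapConnection.connectMOA(request_string, MOASoapConnection.SERVICE_SIGN, url);
      return response_properties;
    }
    catch (Exception e)
    {
      // The cause is kept so that the transport failure stays diagnosable.
      SignatureException se = new SignatureException(320, e);
      throw se;
    }
  }

  /**
   * Holds environment configuration information like templates.
   *
   * @author wprinz
   */
  public static class Environment
  {
    /**
     * The configuration key of the sign keybox identifier.
     */
    protected static final String SIGN_KEY_IDENTIFIER_KEY = "moa.sign.KeyIdentifier"; //$NON-NLS-1$

    /**
     * The configuration key of the sign request template.
     */
    protected static final String SIGN_REQUEST_TEMPLATE_KEY = "moa.sign.request.detached"; //$NON-NLS-1$

    /**
     * The configuration key of the sign URL.
     */
    protected static final String SIGN_URL_KEY = "moa.sign.url"; //$NON-NLS-1$

    /**
     * The configuration key of the verify request template.
     */
    protected static final String VERIFY_REQUEST_TEMPLATE_KEY = "moa.verify.request.detached"; //$NON-NLS-1$

    /**
     * The configuration key of the verify template.
     */
    protected static final String VERIFY_TEMPLATE_KEY = "moa.verify.template.detached"; //$NON-NLS-1$

    /**
     * The configuration key of the verify URL.
     */
    protected static final String VERIFY_URL_KEY = "moa.verify.url"; //$NON-NLS-1$

    /**
     * The configuration key for the ECDSA cert alg property.
     */
    protected static final String ECDSA_CERT_ALG_KEY = "cert.alg.ecdsa"; //$NON-NLS-1$

    /**
     * The configuration key for the RSA cert alg property.
     */
    protected static final String RSA_CERT_ALG_KEY = "cert.alg.rsa"; //$NON-NLS-1$

    protected String sign_key_identifier = null;

    protected String sign_request_template = null;

    protected String sign_url = null;

    protected String verify_request_template = null;

    protected String verify_template = null;

    protected String verify_url = null;

    protected String cert_alg_ecdsa = null;

    protected String cert_alg_rsa = null;

    /**
     * Initializes the environment with a given profile.
     *
     * <p>
     * Template file names are looked up in the profile (falling back to the
     * defaults), relocated through the settings and read into memory. The two
     * cert alg properties are read from the defaults only.
     * </p>
     *
     * @param profile
     *          The configuration profile.
     * @throws SettingsException
     *           Forwarded from the settings access.
     * @throws SignatureException
     *           With error code 300 if one of the templates cannot be read.
     */
    public Environment(String profile) throws SettingsException, SignatureException
    {
      SettingsReader settings = SettingsReader.getInstance();

      this.sign_key_identifier = getConnectorValueFromProfile(settings, profile, SIGN_KEY_IDENTIFIER_KEY);

      this.sign_request_template = readTemplate(settings, profile, SIGN_REQUEST_TEMPLATE_KEY, "Can not read the create xml request template"); //$NON-NLS-1$

      this.sign_url = getConnectorValueFromProfile(settings, profile, SIGN_URL_KEY);

      this.verify_request_template = readTemplate(settings, profile, VERIFY_REQUEST_TEMPLATE_KEY, "Can not read the verify xml request template"); //$NON-NLS-1$

      this.verify_template = readTemplate(settings, profile, VERIFY_TEMPLATE_KEY, "Can not read the verify template"); //$NON-NLS-1$

      this.verify_url = getConnectorValueFromProfile(settings, profile, VERIFY_URL_KEY);

      this.cert_alg_ecdsa = settings.getValueFromKey(ECDSA_CERT_ALG_KEY);

      this.cert_alg_rsa = settings.getValueFromKey(RSA_CERT_ALG_KEY);
    }

    /**
     * Reads the template file whose name is configured under the given key.
     *
     * @param settings
     *          The settings.
     * @param profile
     *          The profile.
     * @param key
     *          The configuration key holding the template file name.
     * @param error_message
     *          The message of the exception thrown if the template cannot be
     *          read.
     * @return Returns the template content, never {@code null}.
     * @throws SettingsException
     *           Forwarded from the settings access.
     * @throws SignatureException
     *           With error code 300 if the file content could not be read.
     */
    private static String readTemplate(SettingsReader settings, String profile, String key, String error_message) throws SettingsException, SignatureException
    {
      String filename = getConnectorValueFromProfile(settings, profile, key);
      String template = FileHelper.readFromFile(SettingsReader.relocateFile(filename));
      if (template == null)
      {
        // TODO make this a settings exception
        throw new SignatureException(300, error_message);
      }
      return template;
    }

    /**
     * Returns the sign key identifier.
     *
     * @return Returns the sign key identifier.
     */
    public String getSignKeyIdentifier()
    {
      return this.sign_key_identifier;
    }

    /**
     * Returns the sign request template.
     *
     * @return Returns the sign request template.
     */
    public String getSignRequestTemplate()
    {
      return this.sign_request_template;
    }

    /**
     * Returns the sign URL.
     *
     * @return Returns the sign URL.
     */
    public String getSignURL()
    {
      return this.sign_url;
    }

    /**
     * Returns the verify request template.
     *
     * @return Returns the verify request template.
     */
    public String getVerifyRequestTemplate()
    {
      return this.verify_request_template;
    }

    /**
     * Returns the verify template.
     *
     * @return Returns the verify template.
     */
    public String getVerifyTemplate()
    {
      return this.verify_template;
    }

    /**
     * Returns the verify URL.
     *
     * @return Returns the verify URL.
     */
    public String getVerifyURL()
    {
      return this.verify_url;
    }

    /**
     * Returns the ecdsa cert alg property.
     *
     * @return Returns the ecdsa cert alg property.
     */
    public String getCertAlgEcdsa()
    {
      return this.cert_alg_ecdsa;
    }

    /**
     * Returns the rsa cert alg property.
     *
     * @return Returns the rsa cert alg property.
     */
    public String getCertAlgRsa()
    {
      return this.cert_alg_rsa;
    }

    /**
     * Reads the configuration entry given by the key, first from the given
     * profile, if not found from the defaults.
     *
     * <p>
     * The profile specific entry is looked up as
     * {@code sig_obj.<profile>.<key>}.
     * </p>
     *
     * @param settings
     *          The settings.
     * @param profile
     *          The profile.
     * @param key
     *          The configuration key.
     * @return Returns the configuration entry, or {@code null} if neither
     *         lookup yields a value.
     */
    public static String getConnectorValueFromProfile(SettingsReader settings, String profile, String key)
    {
      String value = settings.getValueFromKey("sig_obj." + profile + "." + key); //$NON-NLS-1$//$NON-NLS-2$
      if (value == null)
      {
        value = settings.getValueFromKey(key);
      }
      return value;
    }
  }
}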