/**
    * Licensed to the Apache Software Foundation (ASF) under one
    * or more contributor license agreements. See the NOTICE file
    * distributed with this work for additional information
    * regarding copyright ownership. The ASF licenses this file
    * to you under the Apache License, Version 2.0 (the
    * "License"); you may not use this file except in compliance
    * with the License. You may obtain a copy of the License at
    *
   * http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing,
   * software distributed under the License is distributed on an
   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   * KIND, either express or implied. See the License for the
   * specific language governing permissions and limitations
   * under the License.
   */
  package org.apache.wss4j.policy.model;
  
  import org.apache.neethi.Assertion;
  import org.apache.neethi.Policy;
  import org.apache.wss4j.policy.SPConstants;
  import org.apache.wss4j.policy.SPConstants.SPVersion;
  import org.w3c.dom.Element;
  
  import javax.xml.namespace.QName;
  
  import java.util.*;
  
  public class X509Token extends AbstractToken {
  
      public enum TokenType {
          WssX509V1Token10,
          WssX509V3Token10,
          WssX509Pkcs7Token10,
          WssX509PkiPathV1Token10,
          WssX509V1Token11,
          WssX509V3Token11,
          WssX509Pkcs7Token11,
          WssX509PkiPathV1Token11;
  
          private static final Map<String, TokenType> LOOKUP = new HashMap<>();
  
          static {
              for (TokenType u : EnumSet.allOf(TokenType.class)) {
                  LOOKUP.put(u.name(), u);
              }
          }
  
          public static TokenType lookUp(String name) {
              return LOOKUP.get(name);
          }
      }
  
      private boolean requireKeyIdentifierReference;
      private boolean requireIssuerSerialReference;
      private boolean requireEmbeddedTokenReference;
      private boolean requireThumbprintReference;
  
      private TokenType tokenType;
  
      public X509Token(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
                       Element issuer, String issuerName, Element claims, Policy nestedPolicy) {
          super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
  
          parseNestedPolicy(nestedPolicy, this);
      }
  
      @Override
      public QName getName() {
          return getVersion().getSPConstants().getX509Token();
      }
  
      @Override
      public boolean equals(Object object) {
          if (object == this) {
              return true;
          }
          if (!(object instanceof X509Token)) {
              return false;
          }
  
          X509Token that = (X509Token)object;
          if (tokenType != that.tokenType) {
              return false;
          }
          if (requireKeyIdentifierReference != that.requireKeyIdentifierReference
              || requireIssuerSerialReference != that.requireIssuerSerialReference
              || requireEmbeddedTokenReference != that.requireEmbeddedTokenReference
              || requireThumbprintReference != that.requireThumbprintReference) {
              return false;
          }
  
          return super.equals(object);
      }
  
      @Override
      public int hashCode() {
         int result = 17;
         if (tokenType != null) {
             result = 31 * result + tokenType.hashCode();
         }
         result = 31 * result + Boolean.hashCode(requireKeyIdentifierReference);
         result = 31 * result + Boolean.hashCode(requireIssuerSerialReference);
         result = 31 * result + Boolean.hashCode(requireEmbeddedTokenReference);
         result = 31 * result + Boolean.hashCode(requireThumbprintReference);
 
         return 31 * result + super.hashCode();
     }
 
     @Override
     protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
         return new X509Token(getVersion(), getIncludeTokenType(), getIssuer(), getIssuerName(),
                              getClaims(), nestedPolicy);
     }
 
     protected void parseNestedPolicy(Policy nestedPolicy, X509Token x509Token) {
         Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
         //we just process the first alternative
         //this means that if we have a compact policy only the first alternative is visible
         //in contrary to a normalized policy where just one alternative exists
         if (alternatives.hasNext()) {
             List<Assertion> assertions = alternatives.next();
             for (Assertion assertion : assertions) {
                 String assertionName = assertion.getName().getLocalPart();
                 String assertionNamespace = assertion.getName().getNamespaceURI();
                 DerivedKeys derivedKeys = DerivedKeys.lookUp(assertionName);
                 if (derivedKeys != null) {
                     if (x509Token.getDerivedKeys() != null) {
                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
                     }
                     x509Token.setDerivedKeys(derivedKeys);
                     continue;
                 }
                 TokenType tokenType = TokenType.lookUp(assertionName);
                 if (tokenType != null) {
                     if (x509Token.getTokenType() != null) {
                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
                     }
                     if (TokenType.WssX509V1Token10 == tokenType && SPVersion.SP11 != getVersion()) {
                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
                     }
                     x509Token.setTokenType(tokenType);
                     continue;
                 }
 
                 QName requireKeyIdentifierRef =
                     getVersion().getSPConstants().getRequireKeyIdentifierReference();
                 QName requireIssuerSerialRef =
                     getVersion().getSPConstants().getRequireIssuerSerialReference();
                 QName requireEmbeddedRef =
                     getVersion().getSPConstants().getRequireEmbeddedTokenReference();
                 QName requireThumbprintRef =
                     getVersion().getSPConstants().getRequireThumbprintReference();
                 if (requireKeyIdentifierRef.getLocalPart().equals(assertionName)
                     && requireKeyIdentifierRef.getNamespaceURI().equals(assertionNamespace)) {
                     if (x509Token.isRequireKeyIdentifierReference()) {
                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
                     }
                     x509Token.setRequireKeyIdentifierReference(true);
                     continue;
                 } else if (requireIssuerSerialRef.getLocalPart().equals(assertionName)
                         && requireIssuerSerialRef.getNamespaceURI().equals(assertionNamespace)) {
                     if (x509Token.isRequireIssuerSerialReference()) {
                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
                     }
                     x509Token.setRequireIssuerSerialReference(true);
                     continue;
                 } else if (requireEmbeddedRef.getLocalPart().equals(assertionName)
                         && requireEmbeddedRef.getNamespaceURI().equals(assertionNamespace)) {
                     if (x509Token.isRequireEmbeddedTokenReference()) {
                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
                     }
                     x509Token.setRequireEmbeddedTokenReference(true);
                     continue;
                 } else if (requireThumbprintRef.getLocalPart().equals(assertionName)
                         && requireThumbprintRef.getNamespaceURI().equals(assertionNamespace)) {
                     if (x509Token.isRequireThumbprintReference()) {
                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
                     }
                     x509Token.setRequireThumbprintReference(true);
                     continue;
 
                 }
             }
         }
     }
 
     public boolean isRequireKeyIdentifierReference() {
         return requireKeyIdentifierReference;
     }
 
     protected void setRequireKeyIdentifierReference(boolean requireKeyIdentifierReference) {
         this.requireKeyIdentifierReference = requireKeyIdentifierReference;
     }
 
     public boolean isRequireIssuerSerialReference() {
         return requireIssuerSerialReference;
     }
 
     protected void setRequireIssuerSerialReference(boolean requireIssuerSerialReference) {
         this.requireIssuerSerialReference = requireIssuerSerialReference;
     }
 
     public boolean isRequireEmbeddedTokenReference() {
         return requireEmbeddedTokenReference;
     }
 
     protected void setRequireEmbeddedTokenReference(boolean requireEmbeddedTokenReference) {
         this.requireEmbeddedTokenReference = requireEmbeddedTokenReference;
     }
 
     public boolean isRequireThumbprintReference() {
         return requireThumbprintReference;
     }
 
     protected void setRequireThumbprintReference(boolean requireThumbprintReference) {
         this.requireThumbprintReference = requireThumbprintReference;
     }
 
     public TokenType getTokenType() {
         return tokenType;
     }
 
     protected void setTokenType(TokenType tokenType) {
         this.tokenType = tokenType;
     }
 }