package net.curisit.securis;

import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.util.Date;
import java.util.Map;
import java.util.TreeMap;

import net.curisit.securis.beans.LicenseBean;
import net.curisit.securis.beans.RequestBean;
import net.curisit.securis.beans.SignedLicenseBean;
import net.curisit.securis.utils.JsonUtils;
import net.curisit.securis.utils.SignatureHelper;

import org.apache.commons.codec.binary.Base64;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

import com.google.inject.Singleton;

/**
 * License generator and signer
 * 
 * @author roberto <roberto.sanchez@curisit.net>
 */
@Singleton
public class LicenseGenerator {

    private static final Logger LOG = LogManager.getLogger(LicenseGenerator.class);

    private static LicenseGenerator singleton = new LicenseGenerator();

    public static LicenseGenerator getInstance() {
        return singleton;
    }

    /**
     * Generate a license bean with the specified data
     * 
     * @param hw
     * @param customerCode
     *            - e.g: "BP"
     * @param maxInstances
     * @param maxUsers
     * @param maxTimeThreshold
     *            Max time between synchronizations expressed in days
     * @return
     * @throws SeCurisException
     */
    public LicenseBean generateLicense(RequestBean req, Map<String, Object> metadata, Date expirationDate, String licenseCode, String appName)
            throws SeCurisException {
        LOG.debug("Generating license: MAC: {}, Customer code: {}, AppName: {}", req.getMacAddresses(), req.getCustomerCode(), appName);
        LicenseBean license = new LicenseBean(req);
        license.setAppName(appName);
        license.setExpirationDate(expirationDate);
        license.setMetadata(metadata);
        sign(license);

        return license;
    }

    /**
     * Generate a license file using a {@link LicenseBean}
     * 
     * @param license
     * @param file
     * @throws SeCurisException
     */
    public void save(LicenseBean license, File file) throws SeCurisException {
        SignedLicenseBean signedLic = new SignedLicenseBean(license);
        byte[] json;
        try {
            json = JsonUtils.toPrettyJSON(signedLic).getBytes("utf-8");
            Files.write(Paths.get(file.toURI()), json, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
        } catch (UnsupportedEncodingException e) {
            LOG.error("Error creating json doc from license: " + license, e);
            throw new SeCurisException("Error creating json doc from license: " + license, e);
        } catch (IOException e) {
            LOG.error("Error creating license file: " + file, e);
            throw new SeCurisException("Error creating json doc from license: " + license, e);
        }

        LOG.info("License saved in {}", file);

    }

    /**
     * 
     * @param licBean
     * @return
     * @throws NoSuchAlgorithmException
     * @throws IOException
     * @throws InvalidKeySpecException
     * @throws InvalidKeyException
     * @throws SignatureException
     */
    public String sign(LicenseBean licBean) throws SeCurisException {
        SignatureHelper sh = SignatureHelper.getInstance();

        Signature signature;
        try {
            signature = Signature.getInstance(SignatureHelper.SIGNATURE_GENERATION_ALGORITHM);
            signature.initSign(sh.generatePrivateKey(new File(System.getProperty("user.home") + File.separator + ".SeCuris" + File.separator + "keys"
                    + File.separator + "securis_private_key.pkcs8")));

            sh.prepareSignature(signature, licBean);

            byte[] signatureData = signature.sign();
            licBean.setSignature(Base64.encodeBase64String(signatureData));
            return licBean.getSignature();
        } catch (NoSuchAlgorithmException e) {
            LOG.error("Error signing license for " + licBean, e);
        } catch (InvalidKeyException e) {
            LOG.error("Error signing license for " + licBean, e);
        } catch (InvalidKeySpecException e) {
            LOG.error("Error signing license for " + licBean, e);
        } catch (IOException e) {
            LOG.error("Error signing license for " + licBean, e);
        } catch (SignatureException e) {
            LOG.error("Error signing license for " + licBean, e);
        }
        throw new SeCurisException("License could not be generated");
    }

    public static void main(String[] args) throws SeCurisException {

        RequestBean req = ReqGenerator.getInstance().loadRequest(new File("/Users/cproberto/Documents/wsCurisIT/SeCurisClient/license.req"));
        Map<String, Object> metadata = new TreeMap<>();
        // CurisData parameters:
        // metadata.put("maxUsers", 5);
        // metadata.put("maxSessionUsers", 100);
        // curisIntegrity
        metadata.put("maxUsers", 0);
        metadata.put("maxInstances", 0);
        metadata.put("timeThreshold", 0);
        metadata.put("datasetPrefix", "BP");
        metadata.put("extendedMode", true);

        Date expirationDate = new Date(new Date().getTime() + (1000L * 3600 * 24 * 365 * 10));
        LicenseBean lic = LicenseGenerator.getInstance().generateLicense(req, metadata, expirationDate, "CI-01", "LIC-CURISTEC-0001");
        LicenseGenerator.getInstance().save(lic, new File("/Users/cproberto/Desktop/AxelLicCI.lic"));

        System.out.print("License expires at: " + expirationDate.getTime());

    }
}