/*
    * Copyright 2009-2010 Capgemini
    * Licensed under the Apache License, Version 2.0 (the "License"); 
    * you may not use this file except in compliance with the License. 
    * You may obtain a copy of the License at 
    * 
    * http://www.apache.org/licenses/LICENSE-2.0 
    * 
    * Unless required by applicable law or agreed to in writing, software 
   * distributed under the License is distributed on an "AS IS" BASIS, 
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
   * See the License for the specific language governing permissions and 
   * limitations under the License. 
   * 
   */
  package net.sourceforge.statelessfilter.backend.plaincookie;
  
  import java.io.ByteArrayInputStream;
  import java.io.ByteArrayOutputStream;
  import java.io.IOException;
  import java.io.InputStream;
  import java.io.ObjectInputStream;
  import java.io.ObjectOutputStream;
  import java.io.OutputStream;
  import java.security.SignatureException;
  import java.util.List;
  import java.util.Map;
  import java.util.zip.GZIPInputStream;
  import java.util.zip.GZIPOutputStream;
  
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
  import net.sourceforge.statelessfilter.backend.ISessionData;
  import net.sourceforge.statelessfilter.backend.support.CookieBackendSupport;
  import net.sourceforge.statelessfilter.backend.support.CookieDataSupport;
  
  import org.apache.commons.lang.StringUtils;
  import org.slf4j.Logger;
  import org.slf4j.LoggerFactory;
  
  /**
   * Backend based on an uncrypted cookie. Can be used for non sensitive data.
   * Cookie can be compressed to save bandwidth.
   * 
   * <p>
   * Parameters :
   * </p>
   * <ul>
   * <li>cookiename : name of the cookie</li>
   * <li>compress : enable cookie compression (gzip) when value is "true"</li>
   * </ul>
   * 
   * @author Nicolas Richeton - Capgemini
   * 
   */
  public class PlainCookieBackend extends CookieBackendSupport {
  	private static final String DESERIALIZE_ERROR = "Cannot deserialize session. A new one will be created"; //$NON-NLS-1$
  	private static final String ID = "plaincookie"; //$NON-NLS-1$
  	private static final String PARAM_COMPRESS = "compress"; //$NON-NLS-1$
  	private static final String PARAM_KEY = "key"; //$NON-NLS-1$
  	private boolean compress = true;
  	private String key = null;
  	Logger logger = LoggerFactory.getLogger(PlainCookieBackend.class);
  
  	public PlainCookieBackend() {
  		setCookieName("s"); //$NON-NLS-1$
  	}
  
  	/**
  	 * @see com.capgemini.stateless.backend.plaincookie.ISessionBackend#destroy()
  	 */
  	@Override
  	public void destroy() {
  		// Nothing to do
  	}
  
  	/**
  	 * @see com.capgemini.stateless.backend.plaincookie.ISessionBackend#getId()
  	 */
  	@Override
  	public String getId() {
  		return ID;
  	}
  
  	/**
  	 * @see com.capgemini.stateless.backend.plaincookie.ISessionBackend#init(java.util.Map)
  	 */
  	@Override
  	public void init(Map<String, String> config) throws Exception {
  		super.init(config);
  
  		String compress = config.get(PARAM_COMPRESS);
  		if (!StringUtils.isEmpty(compress)) {
  			this.compress = Boolean.parseBoolean(compress);
  		}
  		
  		String key = config.get(PARAM_KEY);
  		if (!StringUtils.isEmpty(key)) {
 			this.key = key;
 		}
 
 		if (logger.isInfoEnabled()) {
 			logger.info("Cookie name: '" + cookieName + "', compression: '" //$NON-NLS-1$//$NON-NLS-2$
 					+ this.compress + "'"  ); //$NON-NLS-1$
 			
 			if( key != null ){
 				logger.info( "Cookie signature : " + (key != null) );
 			}
 		}
 	}
 
 	/**
 	 * @see com.capgemini.stateless.backend.plaincookie.ISessionBackend#restore(javax.servlet.http.HttpServletRequest)
 	 */
 	@Override
 	public ISessionData restore(HttpServletRequest request) {
 
 		try {
 			byte[] data = getCookieData(request, null, key !=null, key);
 
 			if (data != null) {
 				InputStream inputStream = new ByteArrayInputStream(data);
 				if (compress) {
 					inputStream = new GZIPInputStream(inputStream);
 				}
 
 				ObjectInputStream ois = new ObjectInputStream(inputStream);
 				CookieDataSupport s = (CookieDataSupport) ois.readObject();
 
 				if (s.isValid()
 						&& s.getRemoteAddress().equals(getFullRemoteAddr(request))) {
 					return s;
 				}
 			}
 		} catch (Exception e) {
 			logger.info(DESERIALIZE_ERROR, e);
 		}
 
 		return null;
 	}
 
 	/**
 	 * @see net.sourceforge.statelessfilter.backend.support.CookieBackendSupport#save(net.sourceforge.statelessfilter.backend.ISessionData,
 	 *      java.util.List, javax.servlet.http.HttpServletRequest,
 	 *      javax.servlet.http.HttpServletResponse)
 	 */
 	@Override
 	public void save(ISessionData session, List<String> dirtyAttributes,
 			HttpServletRequest request, HttpServletResponse response)
 			throws IOException {
 		try {
 			if (session != null) {
 				CookieDataSupport cookieData = new CookieDataSupport(session);
 				cookieData.setRemoteAddress(getFullRemoteAddr(request));
 
 				ByteArrayOutputStream baos = new ByteArrayOutputStream();
 				OutputStream outputStream = baos;
 				if (compress) {
 					outputStream = new GZIPOutputStream(outputStream);
 				}
 
 				ObjectOutputStream oos = new ObjectOutputStream(outputStream);
 				oos.writeObject(cookieData);
 				oos.close();
 				outputStream.close();
 				baos.close();
 
 				setCookieData(request, response, baos.toByteArray(), key !=null, key);
 
 				if (logger.isInfoEnabled()) {
 					logger.info("Cookie size : " + baos.toByteArray().length); //$NON-NLS-1$
 				}
 			} else {
 				setCookieData(request, response, null,key !=null, key);
 			}
 		} catch (SignatureException e) {
 			throw new IOException(e);
 		}
 	}
 }