package com.shkpr.service.proxycenter.components;

import com.shkpr.service.proxycenter.commtools.HttpTool;
import com.shkpr.service.proxycenter.constants.ApiURI;
import com.shkpr.service.proxycenter.controllerfilter.TokenAuthenticationService;
import com.shkpr.service.proxycenter.dto.ResponseCode;
import org.apache.http.client.HttpClient;
import org.apache.http.client.utils.URIUtils;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.HttpClientBuilder;
import org.mitre.dsmiley.httpproxy.ProxyServlet;

import javax.net.ssl.SSLContext;
import javax.net.ssl.X509TrustManager;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public abstract class AbstractProxyServlet extends ProxyServlet {
    private String apiProxy = "https://127.0.0.1:9000/";

    public AbstractProxyServlet(String apiProxy) {
        this.apiProxy = apiProxy;
    }

    public AbstractProxyServlet() {
    }

    @Override
    protected HttpClient createHttpClient() {
        HttpClientBuilder clientBuilder = HttpClientBuilder.create().
                setDefaultRequestConfig(this.buildRequestConfig()).
                setDefaultSocketConfig(this.buildSocketConfig());
        clientBuilder.setMaxConnTotal(this.maxConnections);
        clientBuilder.setMaxConnTotal(maxConnections);
        if (this.useSystemProperties) {
            clientBuilder = clientBuilder.useSystemProperties();
        }

        SSLContext sslContext = null;
        try {
            sslContext = SSLContext.getInstance("TLS");sslContext.init(null, new X509TrustManager[]{new X509TrustManager() {
                public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                }
                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                }
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }}, new SecureRandom());
        }catch (Exception e){}

        if (sslContext != null){
            SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
            clientBuilder.setSSLSocketFactory(sslSocketFactory);
        }
        return clientBuilder.build();
    }

    @Override
    protected void service(HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws ServletException, IOException {
        ResponseCode headerCheck = checkHeader(servletRequest, servletResponse);
        if (headerCheck != ResponseCode.RESULT_NORMAL) {
            HttpTool.handlerHttpErrorStatus(servletResponse, headerCheck);
            return;
        }

        final String destUri = servletRequest.getRequestURI();
        servletRequest.setAttribute(ATTR_TARGET_URI, null);

        if (destUri.startsWith(ApiURI.URI_BASE_PROXY_H)){
            //若不重置super.targetUri；则super.targetUri实际地址为【/data-gw/3th/dma-proxy/*】中*号匹配的部分
            //若重置super.targetUri=XXX; 则super.targetUri实际地址为XXX +【/data-gw/3th/dma-proxy/*】中*号匹配的部分
            super.targetUri = ApiURI.URI_BASE_PROXY_H;
        }else if (destUri.startsWith(ApiURI.URI_TASK_PROXY_H)){
            super.targetUri = ApiURI.URI_TASK_PROXY_H;
        }else if (destUri.startsWith(ApiURI.URI_ANALY_PROXY_H)){
            //nothing
        }else if (destUri.startsWith(ApiURI.URI_PUSH_PROXY_H)){
            super.targetUri = ApiURI.URI_PUSH_PROXY_H;
        }else if (destUri.startsWith(ApiURI.URI_IOT_STATS_PROXY_H)){
            super.targetUri = ApiURI.URI_IOT_STATS_PROXY_H;
        }else if (destUri.startsWith(ApiURI.URI_IOT_STATS_OLD_PROXY_H)){
            super.targetUri = ApiURI.URI_IOT_STATS_OLD_PROXY_H;
        }else if (destUri.startsWith(ApiURI.URI_GIS_AE_PROXY_H)){
            super.targetUri = ApiURI.URI_GIS_AE_PROXY_H;
        }else if (destUri.startsWith(ApiURI.URI_DATE_GW_PROXY_H)){
            super.targetUri = ApiURI.URI_DATE_GW_PROXY_H;
        }else if (destUri.startsWith(ApiURI.URI_AI_MODEL_PROXY_H)){
            super.targetUri = ApiURI.URI_AI_MODEL_PROXY_H;
        }

        URI uri = null;
        try {
            uri = new URI(apiProxy);
        } catch (URISyntaxException e) {
            e.printStackTrace();
        }
        servletRequest.setAttribute(ATTR_TARGET_HOST, null);
        super.targetHost = URIUtils.extractHost(uri);
        super.service(servletRequest, servletResponse);
    }

    protected ResponseCode checkHeader(HttpServletRequest servletRequest, HttpServletResponse servletResponse){
        ResponseCode oRes = ResponseCode.RESULT_NORMAL;
        /*String strContentType = servletRequest.getHeader("Content-Type");
        strContentType = strContentType!=null ? strContentType.toLowerCase():"xxx";
        String strContent = servletRequest.getHeader("Content");                       //经测试发现ios只能设置Content
        strContent = strContent!=null ? strContent.toLowerCase():"xxx";

        String strCompare = TokenAuthenticationService.HEADER_CONTENT_TYPE;
        strCompare = strCompare.toLowerCase();
        String strShortCompare = TokenAuthenticationService.HEADER_SHORT_CONTENT_TYPE;
        strShortCompare = strShortCompare.toLowerCase();

        if (!strContentType.contains(strCompare)
                && !strContentType.contains(strShortCompare)
                && !strContent.contains(strCompare)
                && !strContent.contains(strShortCompare)){
            oRes = ResponseCode.STATUS_INVALID_CONTENT_TYPE;
        }else {
            oRes = ResponseCode.RESULT_NORMAL;
        }*/
        return oRes;
    }

}