/*
* This payment servlet example written to use NETS estonia e-commerce servlet jdk version 1.6
* We need add into library path bcprov-jdk16-145.jar
* "simplersalibrary" project sources available http://code.google.com/p/simplersalibrary/
*  generally that development result simplify dramatically java security packages usage.
*  special thanks to laszlo.fazekas@estontorise.hu
*  This servlet written by : gretzky@hot.ee
*  testing enviroment key's
*
*   http://www.estcard.ee/publicweb/files/ecomdevel/mytestprivat.key
*   http://www.estcard.ee/publicweb/files/ecomdevel/ecomtestpublic.key
*  
*   put its into your classes directory
*     ../WEB-INF/classes
* */

import com.estontorise.simplersa.RSAToolFactory;
import com.estontorise.simplersa.interfaces.RSAKey;
import com.estontorise.simplersa.interfaces.RSATool;

import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.net.URL;
import java.text.SimpleDateFormat;
import java.util.*;

public class PaymentServlet extends HttpServlet {
   private final String title = "Nets Estonia test Payment Servlet";
   private final String netsUrl = "https://pos.estcard.ee/servlet/iPayServlet";
   private final String myPaymentServletUrl="http://localhost:8080/pay";

    /**
     * Handle the HTTP GET POST method by building a simple web page.
     */

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
        doPost(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        PrintWriter out;

        // set content type and other response header fields first
        response.setContentType("text/html");
        // then write the data of the response
        out = response.getWriter();
        out.println("<html><head><title>");
        out.println(title);
        out.println("</title><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"></head><body>");
        out.println("<h1>" + title + "</h1>");

        if (!request.getParameterMap().containsKey("respcode")) {
            //*************************************************************************************************************//
            // PAYMENT BLOCK                                                                                               //
            //*************************************************************************************************************//

            //construct pagedata hashMap
            LinkedHashMap<String, String> pgd = new LinkedHashMap<String, String>();
            pgd.put("lang", "en");
            pgd.put("action", "gaf");
            pgd.put("ver", "004");
            pgd.put("id", "318DC77DC8");
                int x = 100000 + (int) (Math.random() * 999999);
                String ecuno = String.format("%12s", new SimpleDateFormat("yyyyMM").format(new Date()) + Integer.toString(x));
            pgd.put("ecuno", ecuno);
                String eamount = "100"; // 100 = 1 EUR
                eamount = String.format("%12s", eamount).replaceAll(" ", "0");
            pgd.put("eamount", eamount);
            pgd.put("cur", "EUR");
                String datetime = String.format("%12s", new SimpleDateFormat("yyyyMMddHHmmss").format(new Date()));
            pgd.put("datetime", datetime);
            pgd.put("charEncoding", "UTF-8");
            pgd.put("feedBackUrl", String.format("%-128s", myPaymentServletUrl));
            pgd.put("delivery", "S");

            // Append all componets
            StringBuilder sb = new StringBuilder();
            String data = sb.append(pgd.get("ver")).append(pgd.get("id")).append(pgd.get("ecuno")).append(pgd.get("eamount")).append(pgd.get("cur")).append(pgd.get("datetime")).append(pgd.get("feedBackUrl")).append(pgd.get("delivery")).toString();
            System.out.println("[" + data + "]");
            try {
                byte[] input = data.getBytes();
                RSATool tool = RSAToolFactory.getRSATool();
                // put private key into classes directory
                URL resource = PaymentServlet.class.getClassLoader().getResource("mytestprivat.key");
                RSAKey privateKey = tool.loadPrivateKey(new File(resource.toURI()));
                byte[] signature = new byte[0];
                signature = tool.signWithKey(input, privateKey);
                String mac = bytArrayToHexString(signature);
                pgd.put("mac", mac);
            } catch (Exception e) {
                e.printStackTrace();
            }


            out.println("<form method=\"GET\" name=\"payform\" action=\"" + netsUrl + "\" target=\"_blank\">");
            for (Map.Entry<String, String> entry : pgd.entrySet()) {
                out.println("<input type= \"hidden\" name=\"" + entry.getKey() + "\" value=\"" + entry.getValue() + "\">");
            }
            out.println("<input type=\"button\" value=\"pay 1 EUR\" onClick=\"this.form.submit();\"></form>");

            //=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*//

        } else {
            //************************************************************************************************************//
            // FEEDBACK BLOCK                                                                                             //
            //=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=* *//

            String ver = String.format("%3s", request.getParameter("ver")).replaceAll(" ", "0");
            String id = String.format("%-10s", request.getParameter("id"));
            String ecuno = String.format("%12s", request.getParameter("ecuno").replaceAll(" ", "0"));
            String receipt_no = String.format("%6s", request.getParameter("receipt_no")).replaceAll(" ", "0");
            String eamount = String.format("%12s", request.getParameter("eamount")).replaceAll(" ", "0");
            String cur = String.format("%3s", request.getParameter("cur"));
            String respcode = String.format("%3s", request.getParameter("respcode")).replaceAll(" ", "0");
            String datetime = String.format("%14s", request.getParameter("datetime"));
            String msgdata = String.format("%-40s", request.getParameter("msgdata"));
            String actiontext = String.format("%-40s", request.getParameter("actiontext"));

            String mac = request.getParameter("mac");


            StringBuilder sb = new StringBuilder();
            String data = sb.append(ver).append(id).append(ecuno).append(receipt_no).append(eamount).append(cur).append(respcode).append(datetime).append(msgdata).append(actiontext).toString();
            out.println("========= response code and message [" + respcode + " - " + actiontext + "] =========<br/>");
            //    out.println("========= datastring["+data+"] =========<br/>");

            boolean result = false;
            try {

                RSATool tool = RSAToolFactory.getRSATool();
                // put ecom test enviroment public key into your project classes directory
                URL resource = PaymentServlet.class.getClassLoader().getResource("ecomtestpublic.key");
                RSAKey publicKey = tool.loadPublicKey(new File(resource.toURI()));
                result = tool.verifyWithKey(data.getBytes(), hexStringToByteArray(mac), publicKey);

            } catch (Exception e) {
                e.printStackTrace();  //To change body of catch statement use File | Settings | File Templates.
            }

            out.println("========= all message data authentication result [" + result + "] =========<br/>");

            //=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=* *//
        }

        out.println("</body></html>");
        out.close();

    }



    private String bytArrayToHexString(byte[] a) {
        StringBuilder sb = new StringBuilder();
        for (byte b : a){
            sb.append(String.format("%02x", b & 0xff));
        }
        return sb.toString();
    }


    private byte[] hexStringToByteArray(String s) {
        byte data[] = new byte[s.length() / 2];
        for (int i = 0; i < s.length(); i += 2) {
            data[i / 2] = (Integer.decode("0x" + s.charAt(i) + s.charAt(i + 1))).byteValue();
        }
        return data;
    }

}