#if HAVE_CRT
#define _CRTDBG_MAP_ALLOC 
#include <stdlib.h> 
#include <crtdbg.h>
#endif //HAVE_CRT
/*
* Copyright (C) 2020, University of the Basque Country (UPV/EHU)
* Contact for licensing options: <licensing-mcpttclient(at)mcopenplatform(dot)com>
*
* The original file was part of Open Source Doubango Framework
* Copyright (C) 2010-2011 Mamadou Diop.
* Copyright (C) 2012 Doubango Telecom <http://doubango.org>
*
* This file is part of Open Source Doubango Framework.
*
* DOUBANGO is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* DOUBANGO is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with DOUBANGO.
*
*/


/**@file thttp_session.c
 * @brief HTTP/HTTPS session.
 *
 * @author Mamadou Diop <diopmamadou(at)doubango[dot]org>
 *

 */
#include "tinyhttp/thttp_session.h"

#include "thttp.h"
#include "tinyhttp/thttp_action.h"

#include "tinyhttp/headers/thttp_header_Dummy.h"
#include "tinyhttp/headers/thttp_header_WWW_Authenticate.h"

#include "tsk_debug.h"

/**@defgroup thttp_session_group HTTP Session
*/

int thttp_session_signal(thttp_session_t *self, thttp_action_type_t atype);

/**Sets parameters.
*/
int __thttp_session_set(thttp_session_t *self, va_list* app)
{
	thttp_session_param_type_t curr;

	if(!self){
		return -1;
	}

	while((curr=va_arg(*app, thttp_session_param_type_t)) != httpp_null){
		switch(curr){
			case httpp_option:
				{	/* (thttp_session_option_t)ID_ENUM, (const char*)VALUE_STR */
					thttp_session_option_t id = va_arg(*app, thttp_session_option_t);
					const char* value = va_arg(*app, const char *);
					tsk_options_add_option(&self->options, id, value);
					break;
				}

			case httpp_header:
				{	/* (const char*)NAME_STR, (const char*)VALUE_STR */
					const char* name = va_arg(*app, const char *);
					const char* value = va_arg(*app, const char *);
					if(value == ((const char*)-1)){ /* UNSET */
						tsk_params_remove_param(self->headers, name);
					}
					else{ /* SET */
						tsk_params_add_param(&self->headers, name, value);
					}
					break;
				}
			
			case httpp_cred:
				{	/* (const char*)USERNAME_STR, (const char*)PASSWORD_STR */
					tsk_strupdate(&self->cred.usename, va_arg(*app, const char *));
					tsk_strupdate(&self->cred.password, va_arg(*app, const char *));
					break;
				}

			case httpp_userdata:
				{	/* (const void*)USERDATA_PTR */
					self->userdata = va_arg(*app, const void *);
					break;
				}

			default:
				{	/* va_list will be unsafe => exit */
					TSK_DEBUG_ERROR("NOT SUPPORTED.");
					goto bail;
				}
		} /* sxitch */
	} /* while */
	return 0;

bail:
	return -2;
}

/**@ingroup thttp_session_group
* Creates new session.
* @param stack The HTTP/HTTPS @a stack to use. The @a stack shall be created using @ref thttp_stack_create.
* @param ... Any @b THTTP_SESSION_SET_*() macros. MUST ends with @ref THTTP_SESSION_SET_NULL().
* @retval A pointer to the newly created session.
* A session is a well-defined object.
*
* @code
thttp_session_handle_t * session = thttp_session_create(stack,
	// session-level parameters
	THTTP_SESSION_SET_PARAM("timeout", "6000"),

	// session-level headers
	THTTP_SESSION_SET_HEADER("Pragma", "No-Cache"),
	THTTP_SESSION_SET_HEADER("Connection", "Keep-Alive"),
	THTTP_SESSION_SET_HEADER("User-Agent", "organization 1.0"),
			
	THTTP_SESSION_SET_NULL());
* @endcode
*
* @sa @ref thttp_session_set
*/
thttp_session_handle_t* thttp_session_create(const thttp_stack_handle_t* stack, ...)
{
	thttp_session_handle_t* ret = tsk_null;

	if((ret = tsk_object_new(thttp_session_def_t, stack))){
		va_list ap;
		va_start(ap, stack);
		if(__thttp_session_set(ret, &ap)){
			TSK_OBJECT_SAFE_FREE(ret);
		}
		va_end(ap);
	}
	else{
		TSK_DEBUG_ERROR("failed to create new HTTP/HTTPS session.");
	}
	return ret;
}

/**@ingroup thttp_session_group
* Updates the session parameters.
* @param self The session to update. The session shall be created using @ref thttp_session_create().
* @param ... Any @b THTTP_SESSION_SET_*() macros. MUST ends with @ref THTTP_SESSION_SET_NULL().
* @retval Zero if succeed and non zero error code otherwise.
*
* @code
int ret = thttp_session_set(session,
	// session-level parameters
	THTTP_SESSION_SET_OPTION(THTTP_SESSION_OPTION_TIMEOUT, "6000"),

	// session-level headers
	THTTP_SESSION_SET_HEADER("Pragma", "No-Cache"),
	THTTP_SESSION_SET_HEADER("Connection", "Keep-Alive"),
	THTTP_SESSION_SET_HEADER("User-Agent", "organization 1.0"),
			
	THTTP_SESSION_SET_NULL());
* @endcode
*
* @sa @ref thttp_session_create
*/
int thttp_session_set(thttp_session_handle_t *self, ...)
{
	if(self){
		int ret;
		va_list ap;

		thttp_session_t *session = self;

		if(session->id == THTTP_SESSION_INVALID_ID){
			TSK_DEBUG_ERROR("Using invalid session.");
			return -2;
		}
		
		va_start(ap, self);
		ret = __thttp_session_set(session, &ap);
		va_end(ap);
		return ret;
	}

	return -1;
}

/**@ingroup thttp_session_group
* Gets the session id.
* @param self The session for which to get the id.
* @retval The id of the session.
*/
thttp_session_id_t thttp_session_get_id(const thttp_session_handle_t *self)
{
	const thttp_session_t *session = self;
	if(session){
		return session->id;
	}
	return THTTP_SESSION_INVALID_ID;
}

/**@ingroup thttp_session_group
* Gets the user context (user/application data).
* @param self A pointer to the session from which to get the context.
* @retval A pointer to the context. Previously defined by using @ref THTTP_SESSION_SET_USERDATA() macro.
* @sa @ref THTTP_SESSION_SET_USERDATA()
*/
const void* thttp_session_get_userdata(const thttp_session_handle_t *self)
{
	if(self){
		return ((const thttp_session_t*)self)->userdata;
	}
	return tsk_null;
}

int thttp_session_closefd(thttp_session_handle_t *_self)
{
	int ret = 0;
	thttp_session_t* self = _self;

	if(self->fd != TNET_INVALID_FD){
		if((ret = tnet_transport_remove_socket(self->stack->transport, &self->fd))){
			ret = tnet_sockfd_close(&self->fd);
		}
	}
	
	return ret;
}

/** Updates authentications headers.
*/
int thttp_session_update_challenges(thttp_session_t *self, const thttp_response_t* response, tsk_bool_t answered)
{
	int ret = 0;
	tsk_size_t i;

	tsk_list_item_t *item;

	thttp_challenge_t *challenge;
	
	const thttp_header_WWW_Authenticate_t *WWW_Authenticate;
	const thttp_header_Proxy_Authenticate_t *Proxy_Authenticate;

	tsk_safeobj_lock(self);

	/* RFC 2617 - Digest Operation

	*	(A) The client response to a WWW-Authenticate challenge for a protection
		space starts an authentication session with that protection space.
		The authentication session lasts until the client receives another
		WWW-Authenticate challenge from any server in the protection space.

		(B) The server may return a 401 response with a new nonce value, causing the client
		to retry the request; by specifying stale=TRUE with this response,
		the server tells the client to retry with the new nonce, but without
		prompting for a new username and password.
	*/
	/* RFC 2617 - 1.2 Access Authentication Framework
		The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge.
	*/

	/* FIXME: As we perform the same task ==> Use only one loop.
	*/

	for(i =0; (WWW_Authenticate = (const thttp_header_WWW_Authenticate_t*)thttp_message_get_headerAt(response, thttp_htype_WWW_Authenticate, i)); i++)
	{
		tsk_bool_t isnew = tsk_true;

		tsk_list_foreach(item, self->challenges)
		{
			challenge = item->data;
			if(challenge->isproxy){
				continue;
			}
			
			if(tsk_striequals(challenge->realm, WWW_Authenticate->realm) && (WWW_Authenticate->stale || !answered)){
				/*== (B) ==*/
				if((ret = thttp_challenge_update(challenge, 
					WWW_Authenticate->scheme,
					WWW_Authenticate->realm, 
					WWW_Authenticate->nonce, 
					WWW_Authenticate->opaque, 
					WWW_Authenticate->algorithm, 
					WWW_Authenticate->qop))){
					return ret;
				}
				else{
					isnew = tsk_false;
					continue;
				}
			}
			else{
				ret = -1;
				goto bail;
			}
		}

		if(isnew){
			if((challenge = thttp_challenge_create(tsk_false, /* Not proxy */
					WWW_Authenticate->scheme, 
					WWW_Authenticate->realm, 
					WWW_Authenticate->nonce, 
					WWW_Authenticate->opaque, 
					WWW_Authenticate->algorithm, 
					WWW_Authenticate->qop))){
				tsk_list_push_back_data(self->challenges, (void**)&challenge);
			}
			else{
				ret = -1;
				goto bail;
			}
		}
	}
	
	for(i=0; (Proxy_Authenticate = (const thttp_header_Proxy_Authenticate_t*)thttp_message_get_headerAt(response, thttp_htype_Proxy_Authenticate, i)); i++)
	{
		tsk_bool_t isnew = tsk_true;

		tsk_list_foreach(item, self->challenges){
			challenge = item->data;
			if(!challenge->isproxy){
				continue;
			}
			
			if(tsk_striequals(challenge->realm, Proxy_Authenticate->realm) && (Proxy_Authenticate->stale || !answered)){
				/*== (B) ==*/
				if((ret = thttp_challenge_update(challenge, 
					Proxy_Authenticate->scheme, 
					Proxy_Authenticate->realm, 
					Proxy_Authenticate->nonce, 
					Proxy_Authenticate->opaque, 
					Proxy_Authenticate->algorithm, 
					Proxy_Authenticate->qop)))
				{
					goto bail;
				}
				else{
					isnew = tsk_false;
					continue;
				}
			}
			else{
				ret = -1;
				goto bail;
			}
		}

		if(isnew){
			if((challenge = thttp_challenge_create(tsk_true, /* Proxy */
					Proxy_Authenticate->scheme, 
					Proxy_Authenticate->realm, 
					Proxy_Authenticate->nonce,
					Proxy_Authenticate->opaque,
					Proxy_Authenticate->algorithm, 
					Proxy_Authenticate->qop)))
			{
				tsk_list_push_back_data(self->challenges, (void**)&challenge);
			}
			else{
				ret = -1;
				goto bail;
			}
		}
	}

bail:
	tsk_safeobj_unlock(self);
	return ret;

}

/* internal function */
int thttp_session_signal(thttp_session_t *self, thttp_action_type_t atype)
{
	tsk_list_item_t *item;
	
	if(!self){
		TSK_DEBUG_ERROR("Invalid parameter");
		return -1;
	}
	
	tsk_safeobj_lock(self);
again:
	tsk_list_foreach(item, self->dialogs){
		item = tsk_object_ref(item);
		thttp_dialog_fsm_act((thttp_dialog_t*)item->data, atype, tsk_null, tsk_null);
		/* As the above action could terminate the dialog (which means change the content of self->dialogs) 
		* => list becomes unsafe */
		if(!(item = tsk_object_unref(item))){
			goto again;
		}
	}

	switch(atype){
		case thttp_thttp_atype_closed:
			self->fd = TNET_INVALID_FD;
			break;
		default:
			break;
	}
	
	tsk_safeobj_unlock(self);

	return 0;
}

/** Signals to all dialogs that the connection have been closed. */
int thttp_session_signal_closed(thttp_session_t *self)
{
	return thttp_session_signal(self, thttp_thttp_atype_closed);
}

/** Signals to all dialogss that we got an error */
int thttp_session_signal_error(thttp_session_t *self)
{
	return thttp_session_signal(self, thttp_atype_error);
}


/** Retrieves a session by fd */
thttp_session_t* thttp_session_get_by_fd(thttp_sessions_L_t* sessions, tnet_fd_t fd)
{
	thttp_session_t* ret = tsk_null;
	const tsk_list_item_t *item;
	
	if(!sessions){
		goto bail;
	}

	tsk_list_foreach(item, sessions){
		if(((thttp_session_t*)item->data)->fd == fd){
			ret = tsk_object_ref(item->data);
			goto bail;
		}
	}

bail:
	return ret;
}




//========================================================
//	HTTP SESSION object definition
//
static tsk_object_t* _thttp_session_create(tsk_object_t * self, va_list * app)
{
	thttp_session_t *session = self;
	static thttp_session_id_t unique_id = THTTP_SESSION_INVALID_ID;
	if(session){
		tsk_safeobj_init(session);

		session->stack = va_arg(*app, const thttp_stack_handle_t*);
		session->options = tsk_list_create();
		session->headers = tsk_list_create();
		session->challenges = tsk_list_create();
		session->dialogs = tsk_list_create();
		session->fd = TNET_INVALID_FD;
		
		session->id = THTTP_SESSION_INVALID_ID;

		/* add the session to the stack */
		if(session->stack){
			session->id = ++unique_id;
			tsk_list_push_back_data(session->stack->sessions, (void**)&session);
		}
	}

	return self;
}

static tsk_object_t* thttp_session_destroy(tsk_object_t * self)
{ 
	thttp_session_t *session = self;
	if(session){
		TSK_DEBUG_INFO("*** HTTP/HTTPS Session destroyed ***");

		/* remove from the stack */
		if(session->stack){
			tsk_list_remove_item_by_data(session->stack->sessions, session);
		}
		
		TSK_OBJECT_SAFE_FREE(session->options);
		TSK_OBJECT_SAFE_FREE(session->headers);
		TSK_OBJECT_SAFE_FREE(session->challenges);
		TSK_OBJECT_SAFE_FREE(session->dialogs);
		
		// cred
		TSK_FREE(session->cred.usename);
		TSK_FREE(session->cred.password);
		
		// fd
		if(session->fd != TNET_INVALID_FD){
			if(tnet_transport_remove_socket(session->stack->transport, &session->fd)){
				tnet_sockfd_close(&session->fd);
			}
		}

		tsk_safeobj_deinit(session);
	}
	return self;
}

static int thttp_session_cmp(const tsk_object_t *_session1, const tsk_object_t *_session2)
{
	const thttp_session_t *session1 = _session1;
	const thttp_session_t *session2 = _session2;

	if(session1 && session2){
		return (int)(session1->id-session2->id);
	}
	return -1;
}

static const tsk_object_def_t thttp_session_def_s = 
{
	sizeof(thttp_session_t),
	_thttp_session_create, 
	thttp_session_destroy,
	thttp_session_cmp, 
};
const tsk_object_def_t *thttp_session_def_t = &thttp_session_def_s;