/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at
 * docs/licenses/cddl.txt
 * or http://www.opensource.org/licenses/cddl1.php.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at
 * docs/licenses/cddl.txt.  If applicable,
 * add the following below this CDDL HEADER, with the fields enclosed
 * by brackets "[]" replaced with your own identifying information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Portions Copyright 2021-2023 Ping Identity Corporation
 */
package com.unboundid.directory.sdk.scim2.types;

import com.unboundid.ldap.sdk.AddRequest;
import com.unboundid.ldap.sdk.CompareRequest;
import com.unboundid.ldap.sdk.CompareResult;
import com.unboundid.ldap.sdk.DeleteRequest;
import com.unboundid.ldap.sdk.ExtendedRequest;
import com.unboundid.ldap.sdk.ExtendedResult;
import com.unboundid.ldap.sdk.LDAPResult;
import com.unboundid.ldap.sdk.ModifyDNRequest;
import com.unboundid.ldap.sdk.ModifyRequest;
import com.unboundid.ldap.sdk.RootDSE;
import com.unboundid.ldap.sdk.SearchRequest;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.schema.Schema;
import com.unboundid.scim2.common.exceptions.ScimException;
import com.unboundid.util.NotExtensible;
import com.unboundid.util.NotNull;
import com.unboundid.util.Nullable;

import javax.servlet.http.HttpServletRequest;
import java.util.Set;

/**
 * This interface defines a set of helper methods for SCIM 2-related extensions
 * that interact with SCIM resources and sub-resources backed by an LDAP
 * server. Concrete instances of this interface may be obtained via
 * {@link SCIMServerContext}, and are always associated with a particular
 * SCIM resource type.
 * <p>
 * For PingAuthorize Server, the associated SCIM resource type must use an
 * LDAP store adapter as its primary store adapter, and the LDAP store adapter
 * must be backed by a Ping Identity Directory Server
 * or Directory Proxy Server.
 */
@NotExtensible
public interface SCIMLDAPInterface
{
  /**
   * Gets the LDAP base DN associated with the SCIM service. If the product is
   * PingAuthorize Server, this will be the base DN for the SCIM resource type's
   * primary store adapter.
   *
   * @return The base DN.
   */
  String getBaseDN();

  /**
   * Gets the LDAP server's schema.
   *
   * @return                The LDAP schema.
   * @throws ScimException  If the schema cannot be obtained.
   */
  @Nullable()
  Schema getSchema()
      throws ScimException;

  /**
   * Gets the controls supported by the LDAP server.
   *
   * @return The controls supported by the LDAP server as a set of OID values.
   * @throws ScimException
   *          If the supported LDAP controls cannot be obtained.
   */
  Set<String> getSupportedControls()
      throws ScimException;

  /**
   * Retrieves the LDAP server's root DSE.
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   *
   * @return  The LDAP server's root DSE, or {@code null} if it is not
   *          available.
   * @throws  ScimException  If a problem occurs while attempting to retrieve
   *                         the server root DSE.
   */
  @Nullable()
  RootDSE getRootDSE(@NotNull final HttpServletRequest httpServletRequest)
      throws ScimException;

  /**
   * Processes the provided LDAP add request.
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   * @param  addRequest         The add request to be processed. It must not be
   *                            {@code null}.
   *
   * @return  The result of processing the add operation.
   * @throws  ScimException  If a connection cannot be obtained, if the server
   *                         rejects the add request, or if a problem is
   *                         encountered while sending the request or reading
   *                         the response.
   */
  @NotNull()
  LDAPResult add(@NotNull final HttpServletRequest httpServletRequest,
                 @NotNull AddRequest addRequest)
      throws ScimException;

  /**
   * Processes the provided LDAP compare request.
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   * @param  compareRequest     The compare request to be processed. It must
   *                            not be {@code null}.
   *
   * @return  The result of processing the compare operation.
   * @throws  ScimException  If a connection cannot be obtained, if the server
   *                         rejects the compare request, or if a problem is
   *                         encountered while sending the request or reading
   *                         the response.
   */
  @NotNull()
  CompareResult compare(@NotNull final HttpServletRequest httpServletRequest,
                        @NotNull CompareRequest compareRequest)
      throws ScimException;

  /**
   * Processes the provided LDAP delete request.
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   * @param  deleteRequest      The delete request to be processed. It must not
   *                            be {@code null}.
   *
   * @return  The result of processing the delete operation.
   * @throws  ScimException  If a connection cannot be obtained, if the server
   *                         rejects the delete request, or if a problem is
   *                         encountered while sending the request or reading
   *                         the response.
   */
  @NotNull()
  LDAPResult delete(@NotNull final HttpServletRequest httpServletRequest,
                    @NotNull DeleteRequest deleteRequest)
      throws ScimException;

  /**
   * Processes the provided LDAP modify request.
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   * @param  modifyRequest      The modify request to be processed. It must not
   *                            be {@code null}.
   * @return  The result of processing the modify operation.
   *
   * @throws  ScimException  If a connection cannot be obtained, if the server
   *                         rejects the modify request, or if a problem is
   *                         encountered while sending the request or reading
   *                         the response.
   */
  @NotNull()
  LDAPResult modify(@NotNull final HttpServletRequest httpServletRequest,
                    @NotNull ModifyRequest modifyRequest)
      throws ScimException;

  /**
   * Processes the provided LDAP modify DN request.
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   * @param  modifyDNRequest    The modify DN request to be processed. It must
   *                            not be {@code null}.
   *
   * @return  The result of processing the modify DN operation.
   * @throws  ScimException  If a connection cannot be obtained, if the server
   *                         rejects the modify DN request, or if a problem is
   *                         encountered while sending the request or reading
   *                         the response.
   */
  @NotNull()
  LDAPResult modifyDN(@NotNull final HttpServletRequest httpServletRequest,
                      @NotNull ModifyDNRequest modifyDNRequest)
      throws ScimException;

  /**
   * Processes the provided LDAP search request.
   * <p>
   * Note that if the search does not complete successfully, an
   * {@code LDAPSearchException} wrapped by a {@code ScimException} will be
   * thrown. In some cases, one or more search result entries or references may
   * have been returned before the failure response is received.  In this case,
   * the {@code LDAPSearchException} methods like {@code getEntryCount},
   * {@code getSearchEntries}, {@code getReferenceCount}, and
   * {@code getSearchReferences} may be used to obtain information about those
   * entries and references (although if a search result listener was provided,
   * then it will have been used to make any entries and references available,
   * and they will not be available through the {@code getSearchEntries} and
   * {@code getSearchReferences} methods).
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   * @param  searchRequest      The search request to be processed. It must not
   *                            be {@code null}.
   *
   * @return  A search result object that provides information about the
   *          processing of the search, potentially including the set of
   *          matching entries and search references returned by the server.
   * @throws  ScimException  If a connection cannot be obtained, if the search
   *                         does not complete successfully, or if a problem is
   *                         encountered while sending the request or reading
   *                         the response. If one or more entries or references
   *                         were returned before the failure was encountered,
   *                         then the wrapped {@code LDAPSearchException}
   *                         object may be examined to obtain information about
   *                         those entries and/or references.
   */
  @NotNull()
  SearchResult search(@NotNull final HttpServletRequest httpServletRequest,
                      @NotNull SearchRequest searchRequest)
      throws ScimException;

  /**
   * Processes the provided LDAP search request. It is expected that at most one
   * entry will be returned from the search, and that no additional content from
   * the successful search result (e.g., diagnostic message or response
   * controls) are needed.
   * <p>
   * Note that if the search does not complete successfully, an
   * {@code LDAPSearchException} wrapped by a {@code ScimException} will be
   * thrown. In some cases, one or more search result entries or references may
   * have been returned before the failure response is received.  In this case,
   * the {@code LDAPSearchException} methods like {@code getEntryCount},
   * {@code getSearchEntries}, {@code getReferenceCount}, and
   * {@code getSearchReferences} may be used to obtain information about those
   * entries and references.
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   * @param  searchRequest      The search request to be processed. If it is
   *                            configured with a search result listener or a
   *                            size limit other than one, then the provided
   *                            request will be duplicated with the appropriate
   *                            settings.
   *
   * @return  The entry that was returned from the search, or {@code null} if no
   *          entry was returned or the base entry does not exist.
   * @throws  ScimException  If a connection cannot be obtained, if the search
   *                         does not complete successfully, if more than a
   *                         single entry is returned, or if a problem is
   *                         encountered while parsing the provided filter
   *                         string, sending the request, or reading the
   *                         response. If one or more entries or references
   *                         were returned before the failure was encountered,
   *                         then the wrapped {@code LDAPSearchException}
   *                         object may be examined to obtain information about
   *                         those entries and/or references.
   */
  @Nullable()
  SearchResultEntry searchForEntry(
      @NotNull final HttpServletRequest httpServletRequest,
      @NotNull SearchRequest searchRequest)
      throws ScimException;

  /**
   * Processes the provided extended request.  Note that when processing an
   * extended operation, the server will never throw an exception for a failed
   * response -- only when there is a problem sending the request or reading the
   * response. It is the responsibility of the caller to determine whether the
   * operation was successful.
   * <p>
   * Note that some extended request types, such as the StartTLS extended
   * request, may change the state of the underlying connection and should not
   * be invoked through this interface.
   *
   * @param httpServletRequest  The HTTP servlet request associated with the
   *                            current operation.
   * @param  extendedRequest    The extended request to be processed. It must
   *                            not be {@code null}.
   *
   * @return  The extended result object that provides information about the
   *          result of the request processing. It may or may not indicate that
   *          the operation was successful.
   * @throws  ScimException  If a problem occurs while sending the request or
   *                         reading the response.
   */
  @NotNull
  ExtendedResult processExtendedRequest(
      @NotNull final HttpServletRequest httpServletRequest,
      @NotNull final ExtendedRequest extendedRequest)
      throws ScimException;
}