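// Copyright 2021 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_OTA_KEYBOX_PROVISIONER_H_
#define WVCDM_CORE_OTA_KEYBOX_PROVISIONER_H_

#include <cstdint>
#include <memory>
#include <string>

#include "client_identification.h"
#include "metrics_collections.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"

namespace wvcdm {
class CryptoSession;
namespace okp {
class SystemFallbackPolicy;
}  // namespace okp

// A CdmEngine-specific OTA keybox provisioning context.
//
// Each instance owns its CryptoSession and borrows the system-wide
// okp::SystemFallbackPolicy. Instances are neither copyable nor movable.
class OtaKeyboxProvisioner {
 public:
  // Creates a new OtaKeyboxProvisioner.
  // Checks for the system fallback policy and if the device
  // requires provisioning.
  // |crypto_metrics| - CryptoMetrics instance that is used in the
  // calling EngineMetrics.
  // NOTE(review): the failure behavior (e.g. a null return) is not visible
  // in this header; callers should check the result before use.
  static std::unique_ptr<OtaKeyboxProvisioner> Create(
      metrics::CryptoMetrics* crypto_metrics);

  // Test-only factory that injects the collaborators directly.
  // |crypto_session| - ownership is transferred to the new instance.
  // |fallback_policy| - borrowed, never owned; it must outlive the
  // returned provisioner.
  // Production code should go through Create().
  static std::unique_ptr<OtaKeyboxProvisioner> CreateForTesting(
      std::unique_ptr<CryptoSession>&& crypto_session,
      okp::SystemFallbackPolicy* fallback_policy);

  OtaKeyboxProvisioner() = delete;
  WVCDM_DISALLOW_COPY_AND_MOVE(OtaKeyboxProvisioner);
  ~OtaKeyboxProvisioner();

  // Returns true if the underlying SystemFallbackPolicy is
  // provisioned.
  // Note: This may change without a call to HandleProvisioningResponse()
  // on this instance as provisioning is a system-wide responsibility.
  // Because of that, treat the result as a snapshot rather than a
  // guarantee that holds across subsequent calls.
  bool IsProvisioned() const;

  // NOTE(review): presumably reports whether the system fallback policy
  // has put the device into fallback mode; the definition is not visible
  // in this header - confirm against the implementation.
  bool IsInFallbackMode() const;

  // Indicates that a request has been successfully generated.
  // NOTE(review): the backing member |request_generated_| is a bool, so
  // the value returned here is only ever 0 or 1 despite the uint32_t
  // return type. The type is kept as-is for caller compatibility.
  uint32_t request_generated() const { return request_generated_; }

  // Indicates that a response has been successfully received by
  // this provisioner.
  bool response_received() const { return response_received_; }

  // === Request/response API ===

  // Generates and prepares an OTA Keybox Provisioning request, packing
  // it into a SignedProvisioningMessage.
  // |request| receives the generated message.
  // |default_url| will be populated with the URL of the provisioning
  // server used for OTA keybox provisioning.
  // NOTE(review): null handling for the two out-parameters is not visible
  // in this header; callers should pass valid pointers.
  CdmResponseType GetProvisioningRequest(std::string* request,
                                         std::string* default_url);

  // Receives, unwraps and loads the OTA Keybox Provisioning response.
  // |response| must be a SignedProvisioningMessage containing an
  // OTA keybox provisioning response.
  // NOTE(review): |response| originates outside this class; the
  // validation applied before the keybox is loaded is not visible in this
  // header - confirm in the implementation that malformed or unexpected
  // messages are rejected with an error status.
  CdmResponseType HandleProvisioningResponse(const std::string& response);

 private:
  // Takes ownership of |crypto_session|; |fallback_policy| is borrowed.
  OtaKeyboxProvisioner(std::unique_ptr<CryptoSession>&& crypto_session,
                       okp::SystemFallbackPolicy* fallback_policy);

  bool Init();
  void CleanUp();

  // Crypto session owned by this provisioner.
  std::unique_ptr<CryptoSession> crypto_session_;
  ClientIdentification client_id_;
  // Pointer to the system-wide okp::SystemFallbackPolicy. This class
  // does not take ownership of this pointer, so the policy object must
  // outlive this instance.
  okp::SystemFallbackPolicy* fallback_policy_ = nullptr;
  // These flags are for debugging purposes.
  bool request_generated_ = false;
  bool response_received_ = false;
};  // class OtaKeyboxProvisioner
}  // namespace wvcdm
#endif  // WVCDM_CORE_OTA_KEYBOX_PROVISIONER_H_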