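// Command-line entry point for the sig-auth demo. Depending on flags it runs
// the server, sends one signed test request as a client, or registers a
// public key for a user with a locally running server.
package main

import (
	"bytes"
	"crypto"
	"encoding/json"
	"flag"
	"fmt"
	"io"
	"log"
	"net/http"
	"os"

	"crispbyte.dev/sig-auth/client"
	"crispbyte.dev/sig-auth/server"
	"crispbyte.dev/sig-auth/sqlite_directory"
	"github.com/opencontainers/go-digest"
	"golang.org/x/crypto/ssh"
)

// main parses the command-line flags and dispatches to one of three modes:
// client (-c), key registration (-r), or server (the default). If both -c and
// -r are given, client mode wins. Client and registration modes both require
// -key and -user; when either is missing the flag defaults are printed and the
// program returns without doing anything.
func main() {
	useClient := flag.Bool("c", false, "Run client")
	register := flag.Bool("r", false, "Register a key")
	user := flag.String("user", "", "Username to register")
	keyPath := flag.String("key", "", "Path to the private key (client mode) or public key (registration mode) to use")
	simulateCaddy := flag.Bool("caddy", false, "Simulate caddy reverse proxy")

	flag.Parse()

	missingArgs := *keyPath == "" || *user == ""

	switch {
	case *useClient:
		if missingArgs {
			flag.PrintDefaults()
			return
		}
		runClient(*keyPath, *user, *simulateCaddy)
	case *register:
		if missingArgs {
			flag.PrintDefaults()
			return
		}
		registerKey(*keyPath, *user)
	default:
		runServer(*simulateCaddy)
	}
}

// runClient sends a single signed POST with a fixed JSON body to
// http://localhost:8080/post and prints the response status, headers and body.
//
// keyFile is the path to the private key used for signing, user is the
// identity handed to the signing client, and simulateCaddy adds the
// X-Forwarded-Method and X-Forwarded-Uri headers to the request.
// Any failure terminates the process via log.Fatal.
func runClient(keyFile string, user string, simulateCaddy bool) {
	testData := map[string]string{"hello": "world"}

	payload, err := json.Marshal(testData)
	if err != nil {
		log.Fatal(err)
	}

	key, err := loadPrivateKey(keyFile)
	if err != nil {
		log.Fatal(err)
	}

	// Named signer so the local does not shadow the imported client package.
	signer, err := client.GetSigningClient(key, user)
	if err != nil {
		log.Fatal(err)
	}

	req, err := http.NewRequest(http.MethodPost, "http://localhost:8080/post", bytes.NewBuffer(payload))
	if err != nil {
		log.Fatal(err)
	}

	// The header value is "<algorithm>=<hex digest>" as produced by go-digest.
	// NOTE(review): this is not the RFC 9530 structured-field encoding;
	// presumably the server expects this exact form - confirm.
	id := digest.FromBytes(payload)
	req.Header.Add("Content-Digest", string(id.Algorithm())+"="+id.Encoded())
	req.Header.Add("Content-Type", "application/json")

	if simulateCaddy {
		req.Header.Add("X-Forwarded-Method", req.Method)
		// Request.RequestURI is only populated on server-side requests and is
		// always empty on a request built with http.NewRequest, so the
		// forwarded URI has to be derived from the parsed URL instead.
		// NOTE(review): if these headers are covered by the signature, an
		// empty value would leave the target path unbound - confirm against
		// the signing client and the server.
		req.Header.Add("X-Forwarded-Uri", req.URL.RequestURI())
	}

	resp, err := signer.Do(req)
	if err != nil {
		log.Fatal(err)
	}

	// Close explicitly rather than with defer: log.Fatal exits the process
	// without running deferred calls.
	out, err := io.ReadAll(resp.Body)
	resp.Body.Close()
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(resp.StatusCode)
	fmt.Println(resp.Header)
	fmt.Println(string(out))
}

// runServer creates the SQLite-backed key directory and starts the server
// with it, passing the simulateCaddy flag through unchanged.
//
// NOTE(review): presumably simulateCaddy makes the server take the method and
// URI from the X-Forwarded-* headers; those are only trustworthy when a
// proxy in front of the server sets them - confirm in the server package.
func runServer(simulateCaddy bool) {
	keyDir := sqlite_directory.CreateDirectory()
	server.Start(simulateCaddy, keyDir)
}

// loadPrivateKey reads keyFile and parses its contents as a raw private key.
// It returns the read error if the file cannot be read, otherwise whatever
// ssh.ParseRawPrivateKey returns; a passphrase-protected key is reported as
// an error because no passphrase is supplied here.
func loadPrivateKey(keyFile string) (crypto.PrivateKey, error) {
	keyBytes, err := os.ReadFile(keyFile)
	if err != nil {
		return nil, err
	}

	return ssh.ParseRawPrivateKey(keyBytes)
}

// registerKey posts the contents of keyFile, together with userId, as a JSON
// registration request to http://localhost:8080/register and prints the
// response status code. Any failure, including a 4xx/5xx response,
// terminates the process via log.Fatal/log.Fatalf.
//
// The file is sent verbatim over plain HTTP, so it must be a public key.
func registerKey(keyFile string, userId string) {
	keyBytes, err := os.ReadFile(keyFile)
	if err != nil {
		log.Fatal(err)
	}

	// -key points at the private key in client mode and at the public key in
	// registration mode, so the two are easy to mix up. PEM and OpenSSH
	// private keys carry a "PRIVATE KEY" armor line; refuse to transmit those.
	if bytes.Contains(keyBytes, []byte("PRIVATE KEY")) {
		log.Fatalf("refusing to register %q: file looks like a private key", keyFile)
	}

	request := server.RegisterRequest{
		UserId: userId,
		Key:    string(keyBytes),
	}

	payload, err := json.Marshal(request)
	if err != nil {
		log.Fatal(err)
	}

	resp, err := http.DefaultClient.Post("http://localhost:8080/register", "application/json", bytes.NewBuffer(payload))
	if err != nil {
		log.Fatal(err)
	}
	// Closed explicitly because log.Fatalf below would skip a deferred Close.
	resp.Body.Close()

	if resp.StatusCode >= http.StatusBadRequest {
		log.Fatalf("register: server returned %s", resp.Status)
	}

	fmt.Println(resp.StatusCode)
}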