package main

import (
    "errors"
    "log"
	"net/http"
    "context"
    "fmt"
	"github.com/go-ldap/ldap/v3"
     garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
)

func gadmin() (*garage.APIClient, context.Context) {
    // Set Host and other parameters
    configuration := garage.NewConfiguration()
    configuration.Host = config.S3AdminEndpoint

    // We can now generate a client
    client := garage.NewAPIClient(configuration)

    // Authentication is handled through the context pattern
    ctx := context.WithValue(context.Background(), garage.ContextAccessToken, config.S3AdminToken)
    return client, ctx
}


func grgCreateKey(name string) (*garage.KeyInfo, error) {
    client, ctx := gadmin()

    kr := garage.AddKeyRequest{Name: &name}
    resp, _, err := client.KeyApi.AddKey(ctx).AddKeyRequest(kr).Execute()
    if err != nil {
        fmt.Printf("%+v\n", err)
        return nil, err
    }
    return resp, nil
}

func grgGetKey(accessKey string) (*garage.KeyInfo, error) {
    client, ctx := gadmin()

    resp, _, err := client.KeyApi.GetKey(ctx, accessKey).Execute()
    if err != nil {
        fmt.Printf("%+v\n", err)
        return nil, err
    }
    return resp, nil
}


func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
	login := checkLogin(w, r)
	if login == nil {
		return nil, nil, errors.New("LDAP login failed")
	}

	keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key")
    if keyID == "" {
        keyPair, err := grgCreateKey(login.Info.Username)
        if err != nil {
            return login, nil, err
        }
		modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
		modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
        // @FIXME compatibility feature for bagage (SFTP+webdav)
        // you can remove it once bagage will be updated to fetch the key from garage directly
        // or when bottin will be able to dynamically fetch it.
		modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey})
        err = login.conn.Modify(modify_request)
        return login, keyPair, err
    }
    // Note: we could simply return the login info, but LX asked we do not 
    // store the secrets in LDAP in the future.
    keyPair, err := grgGetKey(keyID)
    return login, keyPair, err
}

type keyView struct {
	Status         *LoginStatus
    Key            *garage.KeyInfo
}

func handleGarageKey(w http.ResponseWriter, r *http.Request) {
    login, s3key, err := checkLoginAndS3(w, r)
    if err != nil {
        log.Println(err)
        return
    }
    view := keyView{Status: login, Key: s3key}

    tKey := getTemplate("garage_key.html")
	tKey.Execute(w, &view)
}

type webListView struct {
	Status         *LoginStatus
    Key            *garage.KeyInfo
}
func handleGarageWebsiteList(w http.ResponseWriter, r *http.Request) {
    login, s3key, err := checkLoginAndS3(w, r)    
    if err != nil {
        log.Println(err)
        return
    }
    view := webListView{Status: login, Key: s3key}

    tWebsiteList := getTemplate("garage_website_list.html")
	tWebsiteList.Execute(w, &view)
}

func handleGarageWebsiteNew(w http.ResponseWriter, r *http.Request) {
    tWebsiteNew := getTemplate("garage_website_new.html")
	tWebsiteNew.Execute(w, nil)
}

func handleGarageWebsiteInspect(w http.ResponseWriter, r *http.Request) {
    login, s3key, err := checkLoginAndS3(w, r)
    if err != nil {
        log.Println(err)
        return
    }
    log.Println(login, s3key)

    tWebsiteInspect := getTemplate("garage_website_inspect.html")
	tWebsiteInspect.Execute(w, nil)
}