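#!/bin/python3
"""Create a repository session by signing a server-issued login challenge.

The script asks the repository for a challenge, signs it with the subject's
PEM private key and stores the server's answer in a session file under
``~/.sio/``.
"""
import argparse
import base64
import json
import logging
import os
import sys

import requests
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.serialization import load_pem_private_key

from subject import main

# Identity attributes
# {'username' : '', 'full_name' : '', 'email' : '', public_key : '' }

logging.basicConfig(format='%(levelname)s\t- %(message)s')
logger = logging.getLogger()
logger.setLevel(logging.INFO)

state = main(sys.argv)
BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/')

# Upper bound (seconds) for each HTTP call, so an unresponsive repository
# cannot block the client forever.
REQUEST_TIMEOUT = 30


# org - username - password - credentials file - session file
def createSession(args):
    """Authenticate against the repository and write the session file.

    Args:
        args: Command-line arguments without the program name, in the order
            ``org username password credentials session``. ``credentials``
            and ``session`` are file names relative to ``BASE_DIR``.

    The function never returns: it exits with status 0 when the server
    answers 201, with 1 on invalid arguments and with -1 on any other failure.
    """
    parser = argparse.ArgumentParser()
    # -k/-r/-v are accepted but not read in this function.
    # NOTE(review): presumably they are consumed by subject.main(sys.argv) - confirm.
    parser.add_argument("-k", '--key', nargs=1, help="Path to the key file")
    parser.add_argument("-r", '--repo', nargs=1, help="Address:Port of the repository")
    parser.add_argument("-v", '--verbose', help="Increase verbosity", action="store_true")

    # NOTE(review): the key password is a positional argument, so it is visible
    # in the process list and in shell history; an interactive prompt
    # (getpass) would avoid that but changes the command-line contract.
    parser.add_argument('org', nargs='?', default=None)
    parser.add_argument('username', nargs='?', default=None)
    parser.add_argument('password', nargs='?', default=None)
    parser.add_argument('credentials', nargs='?', default=None)
    parser.add_argument('session', nargs='?', default=None)

    # Parse the list we were given; the original ignored it and always
    # re-read sys.argv.
    args = parser.parse_args(args)

    if not args.org or not args.username or not args.credentials or not args.session:
        logger.error("Need organization, username, credentials and session file")
        sys.exit(1)

    credentials_path = BASE_DIR + args.credentials
    session_path = BASE_DIR + args.session

    if not os.path.isfile(credentials_path):
        logger.error("File '" + args.credentials + "' not found.")
        sys.exit(1)

    # Inner double quotes keep this f-string valid on interpreters older than
    # Python 3.12, which reject a nested quote of the same kind.
    # NOTE(review): challenge, signature and the Authorization token travel
    # over plain HTTP here, so the transport gives no confidentiality or
    # integrity; move to https if the repository offers TLS.
    login_url = f'http://{state["REP_ADDRESS"]}/user/login'

    session = {'org': args.org, 'username': args.username}

    # Step 1: announce the identity and receive a challenge plus a token.
    # NOTE(review): json= already serializes its argument, so json.dumps()
    # makes the body a JSON *string*. Kept as is because the server-side
    # parsing is not visible from this file - confirm before changing.
    try:
        req = requests.post(login_url, json=json.dumps(session), timeout=REQUEST_TIMEOUT)
        req.raise_for_status()
    except requests.exceptions.RequestException:
        logger.error("Failed to obtain response from server")
        sys.exit(-1)

    # The response is untrusted input: check its shape before using it.
    try:
        response = req.json()
        challenge = response['challenge']
        token = response['token']
    except (ValueError, KeyError, TypeError):
        logger.error("Malformed login response from server")
        sys.exit(-1)
    if not isinstance(challenge, str) or not isinstance(token, str):
        logger.error("Malformed login response from server")
        sys.exit(-1)

    # Step 2: load the private key and sign the challenge.
    with open(credentials_path, 'rb') as f:
        pem_data = f.read()
    try:
        key = load_pem_private_key(
            pem_data,
            password=args.password.encode("utf-8") if args.password else None,
        )
    except ValueError:
        logger.error("Invalid password")
        sys.exit(-1)
    except TypeError:
        # Raised when a password is supplied for an unencrypted key, or when
        # an encrypted key is loaded without one.
        logger.error("Password does not match the key's encryption state")
        sys.exit(-1)

    # This call signature (padding + hash) is the RSA one, so the credentials
    # file is expected to hold an RSA private key.
    signature = key.sign(
        challenge.encode('utf-8'),
        padding.PKCS1v15(),
        hashes.SHA256(),
    )

    # Step 3: send the signature back, authorised by the token from step 1.
    try:
        req = requests.post(
            login_url,
            json=json.dumps({'signature': base64.b64encode(signature).decode('utf-8')}),
            headers={'Authorization': token},
            timeout=REQUEST_TIMEOUT,
        )
        req.raise_for_status()
    except requests.exceptions.RequestException:
        logger.error("Failed to obtain response from server")
        sys.exit(-1)

    # Only a 201 counts as success; do not leave a session file behind for
    # any other answer.
    if req.status_code != 201:
        logger.error("Failed to create session")
        sys.exit(-1)

    try:
        session_data = req.json()
    except ValueError:
        logger.error("Failed to create session")
        sys.exit(-1)

    # Create the file owner-only (0600): it presumably holds session material
    # that other local users should not be able to read. A file that already
    # exists keeps its current mode.
    try:
        fd = os.open(session_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, 'w') as f:
            json.dump(session_data, f)
    except OSError:
        logger.error("Failed to create session")
        sys.exit(-1)

    logger.info("Session created successfully")
    sys.exit(0)


if __name__ == '__main__':
    createSession(sys.argv[1:])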