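// NOTE(review): the names of the two angle-bracket headers were lost when this
// listing was extracted. <err.h> (errx) and <time.h> (strftime, localtime_r)
// are restored from the calls made below; the original pair may have differed.
// Everything else is assumed to arrive through creddy_common.h.
#include <err.h>

#include "creddy_common.h"

#include <time.h>

// helpers
static void _print_validity(time_t not_before, time_t not_after);
static void _format_time(time_t when, char *buf, size_t len);

// Implements the "display" command: prints selected fields of the certificate
// named by opts->cert. opts->show is a comma-separated list drawn from
// issuer, subject, validity, roles, all.
//
// The file is first loaded as an ID cert and, failing that, as an X.509
// attribute cert. If neither loader accepts it the process exits via errx().
//
// Security note: nothing in this function checks a signature, a chain, or
// whether the current time falls inside the validity window. It only prints
// what the loaders hand back, so the output describes the file's contents and
// is not evidence that the certificate is trustworthy. Whether the loaders
// themselves verify anything is not visible here.
// NOTE(review): issuer/subject/role strings come from the certificate and are
// written to stdout as-is; consider filtering non-printable bytes if this
// output is shown on a terminal or fed to another tool.
void display_main(options_t *opts) {
    // usage() is expected to terminate the process (TODO confirm); the
    // returns keep a NULL path or list from being used if it ever comes back.
    if (opts->cert == NULL) {
        usage(opts);
        return;
    }

    char *show = opts->show;
    if (show == NULL) {
        usage(opts);
        return;
    }

    int show_issuer = 0;
    int show_subject = 0;
    int show_validity = 0;
    int show_roles = 0;

    // strsep() splits in place, so the string behind opts->show is modified.
    char *opt;
    while ((opt = strsep(&show, ",")) != NULL) {
        if (strcmp(opt, "issuer") == 0) {
            show_issuer = 1;
        } else if (strcmp(opt, "subject") == 0) {
            show_subject = 1;
        } else if (strcmp(opt, "validity") == 0) {
            show_validity = 1;
        } else if (strcmp(opt, "roles") == 0) {
            show_roles = 1;
        } else if (strcmp(opt, "all") == 0) {
            show_issuer = 1;
            show_subject = 1;
            show_validity = 1;
            show_roles = 1;
        } else {
            printf("Error: Unknown option to --show: %s\n", opt);
            usage(opts);
            return;
        }
    }

    // first try ID cert
    creddy_id_t *id = creddy_id_from_file(opts->cert);
    if (id != NULL) {
        // "roles" is not handled in this branch: a request for roles on an
        // ID cert is silently skipped.
        if (show_issuer) {
            char *issuer = creddy_id_issuer(id);
            // Passing NULL to %s is undefined behaviour; print a marker
            // instead. Whether the accessor can return NULL is not shown here.
            printf("Issuer: %s\n", issuer != NULL ? issuer : "(null)");
            free(issuer);
        }

        if (show_subject) {
            char *subject = creddy_id_subject(id);
            printf("Subject: %s\n", subject != NULL ? subject : "(null)");
            free(subject);
        }

        if (show_validity) {
            // Zero-initialised so a callee that fails to fill them in cannot
            // make us print indeterminate stack contents.
            time_t not_before = 0;
            time_t not_after = 0;
            creddy_id_validity(id, &not_before, &not_after);
            _print_validity(not_before, not_after);
        }

        creddy_id_free(id);
        return;
    }

    // then try attribute cert
    certificate_t *ac = lib->creds->create(lib->creds,
        CRED_CERTIFICATE, CERT_X509_AC,
        BUILD_FROM_FILE, opts->cert,
        BUILD_END
    );
    if (ac != NULL) {
        // %Y is not a standard conversion; presumably a printf hook
        // registered by the credential library for identity objects
        // (TODO confirm).
        if (show_issuer)
            printf("Issuer: %Y\n", ac->get_issuer(ac));

        if (show_subject)
            printf("Subject: %Y\n", ac->get_subject(ac));

        if (show_validity) {
            time_t not_before = 0;
            time_t not_after = 0;
            // The return value (not used) is ignored: the window is printed,
            // not evaluated.
            ac->get_validity(ac, NULL, &not_before, &not_after);
            _print_validity(not_before, not_after);
        }

        if (show_roles) {
            ac_t *attr_cert = (ac_t *)ac;
            ietf_attributes_t *attr = attr_cert->get_groups(attr_cert);
            if (attr == NULL)
                errx(1, "Couldn't get attributes from cert");

            printf("Roles: %s\n", attr->get_string(attr));

            DESTROY_IF(attr);
        }

        DESTROY_IF(ac);
        return;
    }

    // give up if neither works
    errx(1, "Couldn't load %s as an ID or attribute cert", opts->cert);
}

// Render `when` as local time ("%F %T %Z") into buf, which holds len bytes.
// The timestamps come from a certificate file, so they may be values that
// localtime_r() cannot represent; it then returns NULL, and handing that to
// strftime() would be undefined behaviour. strftime() returning 0 leaves the
// buffer contents unspecified. Both cases fall back to a fixed marker.
static void _format_time(time_t when, char *buf, size_t len) {
    struct tm time_tm;

    if (localtime_r(&when, &time_tm) == NULL ||
        strftime(buf, len, "%F %T %Z", &time_tm) == 0) {
        snprintf(buf, len, "%s", "(unrepresentable)");
    }
}

// display the validity period of a cert: each bound as formatted local time
// followed by the raw time_t value in brackets
static void _print_validity(time_t not_before, time_t not_after) {
    char buf[256];

    printf("Validity:\n");

    _format_time(not_before, buf, sizeof(buf));
    printf(" Not before: %s [%lld]\n", buf, (long long)not_before);

    _format_time(not_after, buf, sizeof(buf));
    printf(" Not after: %s [%lld]\n", buf, (long long)not_after);
}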