/**
   abac_prover.c

   To demonstrate how to use ABAC's api in C to make a query

   call:   abac_prover "keystorestring" "rolestring" "principalstring"

   pre-condition: run make attr_abac  generate IceCream_ID.pem and IceCream_private.pem with

   This program will make a prover call using 
           rolestring <- principalstring

**/

#include <err.h>
#include <stdio.h>
#include <assert.h>
#include <string.h>

#include <abac.h>

extern void abac_print_cred_info(abac_credential_t*, FILE*);
extern void abac_print_prin_info(abac_id_credential_t*, FILE*);

int main(int argc, char **argv) {
    int i, success=0;
    abac_credential_t *cred=NULL;
    abac_credential_t **credentials=NULL;

    abac_context_t *ctx = abac_context_new();
    abac_context_load_directory(ctx, argv[1]);

    char *query=strdup(argv[2]);
    char *with=strdup(argv[3]);

    printf("query %s \n", query);
    printf("with %s\n", with);


int k=1; /* use to do repetitions */
while(k) {
    credentials = abac_context_query(ctx,
                            query, with,
                            &success);
    if (success)
        puts("prover success!!");
        else puts("prover failed!!");

    if (credentials != NULL && success) {
        puts("credentials needed :");
        for (i = 0; credentials[i] != NULL; ++i) {
           cred = credentials[i];
           abac_print_cred_info(cred,NULL);
        }
    }
    if(credentials)
        abac_free_credentials(credentials);
    k=k-1;
}


    /* dump credentials from context */
{
    printf("\n\n");
    credentials = abac_context_credentials(ctx);
    if (credentials != NULL) {
        puts("context credentials :");
        for (i = 0; credentials[i] != NULL; ++i) {
           cred = credentials[i];
           abac_print_typed_cred_info(cred,NULL);
        }
    }
    if(credentials)
        abac_free_credentials(credentials);
}
{
    abac_id_credential_t *id_cred=NULL;
    abac_id_credential_t **id_credentials=NULL;
    printf("\n\n [ctx]\n");
    id_credentials = abac_context_principals(ctx);
    if (id_credentials != NULL) {
        puts("principal credentials :");
        for (i = 0; id_credentials[i] != NULL; ++i) {
           id_cred = id_credentials[i];
           abac_print_prin_info(id_cred,NULL);
        }
    }
    if(id_credentials)
        abac_free_principals(id_credentials);
}

    abac_context_t *ctx2 = abac_context_dup(ctx);

{
    abac_id_credential_t *id_cred=NULL;
    abac_id_credential_t **id_credentials=NULL;
    printf("\n\n [ctx2]\n");
    id_credentials = abac_context_principals(ctx2);
    if (id_credentials != NULL) {
        puts("principal credentials :");
        for (i = 0; id_credentials[i] != NULL; ++i) {
           id_cred = id_credentials[i];
           abac_print_prin_info(id_cred,NULL);
        }
    }
    if(id_credentials)
        abac_free_principals(id_credentials);
}

{
    printf("\n\n");
    abac_context_dump(ctx);
}

    abac_verifier_session_dump();

show_yap_db("-->before");
    abac_context_free(ctx);
show_yap_db("-->after");

    abac_verifier_session_dump();

    return 0;
}