#!/bin/sh

set -e
set -o nounset

# 4 tables to empty, at least
# oidc, code, flow, authentication_session

# \d hydra_oauth2_flow
#Referenced by:
#    TABLE "hydra_oauth2_access" CONSTRAINT "hydra_oauth2_access_challenge_id_fk" FOREIGN KEY (challenge_id) REFERENCES hydra_oauth2_flow(consent_challenge_id) ON DELETE CASCADE
#    TABLE "hydra_oauth2_code" CONSTRAINT "hydra_oauth2_code_challenge_id_fk" FOREIGN KEY (challenge_id) REFERENCES hydra_oauth2_flow(consent_challenge_id) ON DELETE CASCADE
#    TABLE "hydra_oauth2_oidc" CONSTRAINT "hydra_oauth2_oidc_challenge_id_fk" FOREIGN KEY (challenge_id) REFERENCES hydra_oauth2_flow(consent_challenge_id) ON DELETE CASCADE
#    TABLE "hydra_oauth2_pkce" CONSTRAINT "hydra_oauth2_pkce_challenge_id_fk" FOREIGN KEY (challenge_id) REFERENCES hydra_oauth2_flow(consent_challenge_id) ON DELETE CASCADE
#    TABLE "hydra_oauth2_refresh" CONSTRAINT "hydra_oauth2_refresh_challenge_id_fk" FOREIGN KEY (challenge_id) REFERENCES hydra_oauth2_flow(consent_challenge_id) ON DELETE CASCADE

# -> delete "cascade" on table "flow" cleans access, code, oidc, pkce and refresh tables.


DSN="postgresql://${HYDRA_DATABASE_USER}:${HYDRA_DATABASE_PASSWORD}@${HYDRA_DATABASE_SERVICE_NAME}:5432/hydra?sslmode=disable"
RETENTION_HOURS="${RETENTION_HOURS:-48}"
BATCH_SIZE="${BATCH_SIZE:-50}"
LIMIT="${LIMIT:-1000}"
BEFORE_DATE="$(date +'%Y-%m-%d %H:%M:%S' --date=@$(($(date +%s) - RETENTION_HOURS * 3600)))"


log() {
    echo "$(date +'%d-%m-%y %H:%M:%S%z')| $1"
}

perror() {
    log "Something went wrong, exiting."
    trap - EXIT
    exit 1
}

trap perror EXIT

if ! [[ ${RETENTION_HOURS} =~ '^[0-9]+$' ]]; then
    log "Error: variable RETENTION_HOURS is not a positive integer."
    perror
fi

if ! [[ ${LIMIT} =~ '^[0-9]+$' ]]; then
    log "Error: variable LIMIT is not a positive integer."
    perror
fi

if ! [[ ${BATCH_SIZE} =~ '^[0-9]+$' ]]; then
    log "Error: variable BATCH_SIZE is not a positive integer."
    perror
fi

log "Starting hydra cleaner"

log "Removing up to ${LIMIT} elements before ${BEFORE_DATE} by batch of ${BATCH_SIZE}"

log "Beginning estimated size:"
psql "${DSN}" <<EOF
select
  table_name, reltuples as estimate,
  pg_size_pretty(pg_total_relation_size(quote_ident(table_name))),
  pg_total_relation_size(quote_ident(table_name))
from information_schema.tables left join pg_class on information_schema.tables.table_name=pg_class.relname
where table_schema = 'public'
order by 4 desc;
EOF


REMAINING_ELMTS="${LIMIT}"
while [ "${REMAINING_ELMTS}" -gt 0 ]; do
    OUTPUT=$(psql "${DSN}" <<EOF
DELETE
FROM hydra_oauth2_flow
WHERE login_challenge = ANY (
  array(
    SELECT login_challenge
    FROM hydra_oauth2_flow
    WHERE requested_at < '${BEFORE_DATE}'
    LIMIT ${BATCH_SIZE}
  )
);
EOF
    )

    log "${OUTPUT}"

    if ! [[ "${OUTPUT}" =~ '^DELETE ' ]] ; then
	log "Output doesn't seems OK..."
	break
    fi
    OUTPUT_NB=$(echo "${OUTPUT}" | cut -d' ' -f 2)

    if [ "${OUTPUT_NB}" -lt "${BATCH_SIZE}" ]; then
	break
    fi

    REMAINING_ELMTS=$((REMAINING_ELMTS - BATCH_SIZE))
    if [ "${REMAINING_ELMTS}" -lt "${BATCH_SIZE}" ]; then
	BATCH_SIZE="${REMAINING_ELMTS}"
    fi
done


log "Final estimated size:"
psql "${DSN}" <<EOF
select
  table_name, reltuples as estimate,
  pg_size_pretty(pg_total_relation_size(quote_ident(table_name))),
  pg_total_relation_size(quote_ident(table_name))
from information_schema.tables left join pg_class on information_schema.tables.table_name=pg_class.relname
where table_schema = 'public'
order by 4 desc;
EOF

trap - EXIT