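"""Install the OpenSSH client material for one organisation in ``$HOME/.ssh``.

The handler writes the identity (certificate and optional private key), a
``@cert-authority`` entry in ``known_hosts`` and, when no ssh config exists
yet, a ``Host`` section pointing at that identity.  An existing ssh config
is never modified: the suggested changes are only printed.
"""

from paramiko.config import SSHConfig
from os.path import expandvars, isdir, isfile, join
from os import (
    O_CREAT,
    O_EXCL,
    O_WRONLY,
    close,
    makedirs,
    open as os_open,
    truncate,
    unlink,
    write,
)


# Characters that must never appear in a value written verbatim on a single
# line of a ssh config or known_hosts file: a line break would let one value
# introduce additional directives or host entries.
_LINE_BREAKERS = ('\n', '\r', '\0')


def _check_one_line(name, value):
    """Raise ValueError unless *value* is a non-empty str without line breaks.

    Args:
        name: field name, used in the error message only.
        value: the value about to be written on one line of a ssh file.
    """
    if not isinstance(value, str) or not value:
        raise ValueError(f'{name} must be a non-empty string')
    if any(c in value for c in _LINE_BREAKERS):
        raise ValueError(f'{name} must not contain line breaks')


def _check_organization_name(value):
    """Validate ``organization_name``.

    The value is used both as a file-name suffix (``risotto_<org>``) and as a
    ``Host`` pattern (``*.<org>``), so besides line breaks it must not contain
    whitespace, a path separator, or be ``.``/``..``.
    """
    _check_one_line('organization_name', value)
    if '/' in value or value in ('.', '..') or any(c.isspace() for c in value):
        raise ValueError('organization_name must not contain whitespace or path separators')


def _format_value(value):
    """Render a config value as OpenSSH expects it: lists are comma-joined."""
    if isinstance(value, list):
        return ','.join(value)
    return value


def _write_private_file(path, chunks):
    """Replace *path* with the given byte chunks, created with mode 0o400.

    An existing file is unlinked first: the previous run left it read-only, so
    opening it for writing would fail with EACCES on a rerun; recreating the
    file also guarantees the final mode and that a pre-existing symlink at
    *path* is not followed.  The mode is still subject to the umask, which
    can only remove bits from 0o400.

    Args:
        path: file to (re)create.
        chunks: iterable of bytes objects written in order.
    """
    try:
        unlink(path)
    except FileNotFoundError:
        pass
    fh = os_open(path, O_WRONLY | O_CREAT | O_EXCL, 0o400)
    try:
        for chunk in chunks:
            # os.write may write less than asked; loop until the chunk is out.
            view = memoryview(chunk)
            while view:
                view = view[write(fh, view):]
    finally:
        close(fh)


def _suggest_config_changes(config_file, hostname, new_data):
    """Print what the user should add to or change in an existing ssh config.

    The existing file is deliberately left untouched; only the missing
    section, or the keys that differ from *new_data*, are reported.
    """
    ssh = SSHConfig()
    with open(config_file, encoding='utf-8') as fh:
        ssh.parse(fh)
    if hostname not in ssh.get_hostnames():
        print(f'\n\nIl faudrait ajouter dans le fichier "{config_file}" :')
        print(f'Host {hostname}')
        for key, value in new_data.items():
            if key == 'hostname':
                continue
            # Lists are comma-joined so the suggestion is copy-pasteable
            # (the earlier version printed the Python list repr here).
            print(f' {key} {_format_value(value)}')
        print('\n')
        return
    current_data = dict(ssh.lookup(hostname))
    if current_data == new_data:
        return
    add = [key for key in new_data if key not in current_data]
    modify = [key for key in new_data
              if key in current_data and current_data[key] != new_data[key]]
    if not (add or modify):
        return
    print(f'\n\nModifications suggérées de la section "Host {hostname}" du fichier "{config_file}" :')
    for key in add:
        print(f' - ajouter "{key} {_format_value(new_data[key])}"')
    for key in modify:
        print(f' - modifier "{key} {current_data[key]}" en "{key} {_format_value(new_data[key])}"')
    print('\n')


def _write_config(config_dir, config_file, hostname, new_data):
    """Create ``$HOME/.ssh`` (0o700) if needed and a fresh ssh config holding
    only the ``Host`` section for *hostname*."""
    if not isdir(config_dir):
        makedirs(config_dir, 0o700)
    lines = [f'Host {hostname}\n']
    lines += [f' {key} {_format_value(value)}\n'
              for key, value in new_data.items() if key != 'hostname']
    _write_private_file(config_file, [''.join(lines).encode()])


def setting_pki_openssh_client(dico, config):
    """Apply the PKI settings received for one organisation to the user's
    OpenSSH client files.

    Args:
        dico: mapping with ``organization_name``, ``cn``, ``certificate``,
            ``chain`` and optionally ``private_key``.  These values are
            written verbatim into files under ``$HOME/.ssh``; they arrive
            through the message handler, so they are validated here as if
            they came from an untrusted source.
        config: unused, kept for the handler signature.

    Side effects:
        - ``~/.ssh/config``: created with a ``Host *.<org>`` section when
          absent; an existing file is never modified, suggestions are printed.
        - ``~/.ssh/risotto_<org>.pub`` and, when ``private_key`` is given,
          ``~/.ssh/risotto_<org>``: rewritten with mode 0o400.
        - ``~/.ssh/known_hosts``: rewritten with one ``@cert-authority`` line
          for ``*.<org>``; any previous line for that pattern is replaced.

    Raises:
        KeyError: a required key is missing from *dico*.
        ValueError: a value contains characters that would break out of the
            line it is written on, or an unusable ``organization_name``.
    """
    organization_name = dico['organization_name']
    _check_organization_name(organization_name)
    _check_one_line('cn', dico['cn'])
    _check_one_line('chain', dico['chain'])

    config_dir = expandvars('$HOME/.ssh')
    config_file = join(config_dir, 'config')
    identityfile = join(config_dir, f'risotto_{organization_name}')
    known_hosts = join(config_dir, 'known_hosts')
    hostname = f'*.{organization_name}'
    new_data = {
        'identityfile': [identityfile],
        'stricthostkeychecking': 'yes',
        'hostname': hostname,
        'user': dico['cn'],
    }

    if isfile(config_file):
        _suggest_config_changes(config_file, hostname, new_data)
    else:
        _write_config(config_dir, config_file, hostname, new_data)

    _write_private_file(f'{identityfile}.pub', [dico['certificate'].encode(), b'\n'])
    if 'private_key' in dico:
        _write_private_file(identityfile, [dico['private_key'].encode(), b'\n'])

    # NOTE(review): the earlier version wrote the CA line for the literal
    # pattern "*.cadoles.com" while filtering out the line for {hostname};
    # for any other organisation that trusted the CA for the wrong domain and
    # accumulated one more line per run.  The pattern now matches the Host
    # section and the filter below.
    ca_prefix = f'@cert-authority {hostname} '
    content = [f'{ca_prefix}{dico["chain"]}']
    if isfile(known_hosts):
        with open(known_hosts, encoding='utf-8') as fh:
            old = fh.read().strip()
        if old:
            content.extend(line for line in old.split('\n')
                           if not line.startswith(ca_prefix))
    _write_private_file(known_hosts, [''.join(f'{line}\n' for line in content).encode()])
    print('Certificat mise à jour')


def get(message):
    """Handler lookup: return the callable bound to *message*, else None."""
    if message == 'v1.setting.pki.openssh.client.get':
        return setting_pki_openssh_client
    return None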