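package handler

import (
	"crypto/tls"
	"net"
	"net/smtp"
	"os"
	"strconv"
	"time"

	"github.com/lor00x/goldap/message"
	ldap "github.com/vjeantet/ldapserver"

	"gt.kalli.st/czar/fsldap/utils"
)

// Connection settings are read from the environment once, at package init,
// through utils.Env (its behaviour on a missing variable is defined there).
var (
	smtpHost = utils.Env("SMTP_HOSTNAME")
	smtpPort = utils.Env("SMTP_PORT")
	base     = utils.Env("LDAP_BASE")

	// JoinHostPort brackets IPv6 literals; the previous "%s:%s" did not.
	smtpHostPort = net.JoinHostPort(smtpHost, smtpPort)

	// Certificate verification is ON by default. The STARTTLS session carries
	// the user's cleartext password (AUTH PLAIN), so an unverified peer would
	// let an on-path attacker harvest every bind that passes through this
	// server. Deployments with a self-signed SMTP certificate must opt out
	// explicitly with SMTP_TLS_SKIP_VERIFY=true (the previous code disabled
	// verification unconditionally).
	tlsconfig = &tls.Config{
		ServerName:         smtpHost,
		MinVersion:         tls.VersionTLS12,
		InsecureSkipVerify: envBool("SMTP_TLS_SKIP_VERIFY"),
	}
)

// smtpTimeout bounds the whole dial + STARTTLS + AUTH exchange so that a
// stalled mail server cannot pin LDAP bind goroutines indefinitely.
const smtpTimeout = 10 * time.Second

// envBool reads an optional boolean environment variable; anything that does
// not parse as a Go boolean (including unset) is false.
func envBool(key string) bool {
	v, err := strconv.ParseBool(os.Getenv(key))
	return err == nil && v
}

// Bind authenticates a simple LDAP bind by replaying the credentials as SMTP
// AUTH PLAIN (over STARTTLS) against the configured mail server. The bind DN
// is mapped to a user with utils.GetUser and then to a mail address with
// utils.GetMail; the mail address is the SMTP login name.
//
// Every failure is reported as invalidCredentials with the same diagnostic
// text, so the response does not reveal whether the DN, the user mapping or
// the SMTP server rejected the attempt.
func Bind(w ldap.ResponseWriter, m *ldap.Message) {
	r := m.GetBindRequest()

	// Only simple binds are handled. AuthenticationSimple() type-asserts the
	// credential choice, so calling it on a SASL bind would panic the handler
	// (per goldap's BindRequest — confirm against the vendored version).
	if r.AuthenticationChoice() != "simple" {
		res := ldap.NewBindResponse(ldap.LDAPResultAuthMethodNotSupported)
		res.SetDiagnosticMessage("only simple bind is supported")
		w.Write(res)
		return
	}

	name := string(r.Name())
	password := string(r.AuthenticationSimple())

	// An empty DN or an empty password is an anonymous / unauthenticated bind
	// (RFC 4513 §5.1). Refuse it outright instead of forwarding it: it must
	// never be turned into an authenticated session, and some SMTP servers
	// accept an empty AUTH PLAIN password for certain accounts. The previous
	// code only checked the DN.
	if name == "" || password == "" {
		denyBind(w)
		return
	}

	// "" is the not-found sentinel for both helpers (the same convention
	// Search relies on). Fail before touching the network.
	user := utils.GetUser(name)
	if user == "" {
		denyBind(w)
		return
	}
	mail := utils.GetMail(user)
	if mail == "" {
		denyBind(w)
		return
	}

	if err := smtpAuthenticate(mail, password); err != nil {
		denyBind(w)
		return
	}
	w.Write(ldap.NewBindResponse(ldap.LDAPResultSuccess))
}

// denyBind writes the uniform invalidCredentials bind failure.
func denyBind(w ldap.ResponseWriter) {
	res := ldap.NewBindResponse(ldap.LDAPResultInvalidCredentials)
	res.SetDiagnosticMessage("invalid credentials")
	w.Write(res)
}

// smtpAuthenticate opens a bounded-lifetime connection to the mail server,
// upgrades it with STARTTLS (verifying the certificate unless explicitly
// disabled via tlsconfig) and performs AUTH PLAIN for mail/password.
// A nil return means the server accepted the credentials. The connection is
// closed on every exit path; the previous code never closed it.
func smtpAuthenticate(mail, password string) error {
	conn, err := net.DialTimeout("tcp", smtpHostPort, smtpTimeout)
	if err != nil {
		return err
	}
	// One deadline for the whole exchange (greeting, STARTTLS, AUTH, QUIT).
	_ = conn.SetDeadline(time.Now().Add(smtpTimeout))

	client, err := smtp.NewClient(conn, smtpHost)
	if err != nil {
		conn.Close()
		return err
	}
	// Close (not Quit) on every path so a failed auth cannot leak the socket;
	// Quit is attempted first on success purely as a courtesy to the server.
	defer client.Close()

	// The previous code ignored this error. smtp.PlainAuth itself refuses to
	// send the password over a non-TLS connection (except to localhost), but a
	// failed STARTTLS leaves the session in an undefined state and must abort.
	if err := client.StartTLS(tlsconfig); err != nil {
		return err
	}
	if err := client.Auth(smtp.PlainAuth("", mail, password, smtpHost)); err != nil {
		return err
	}
	// Best effort; the credentials were already accepted.
	_ = client.Quit()
	return nil
}

// WhoAmI answers the "Who am I?" extended operation (RFC 4532) with a bare
// success and no authzId. Nothing here inspects the connection's bind state,
// so the client learns no identity from it.
func WhoAmI(w ldap.ResponseWriter, m *ldap.Message) {
	w.Write(ldap.NewExtendedResponse(ldap.LDAPResultSuccess))
}

// Search resolves a single user entry. Two request shapes are accepted:
//   - base object equal to LDAP_BASE: the raw filter string is handed to
//     utils.GetSearchUser as the lookup key;
//   - any other base object: it is treated as a DN and resolved with
//     utils.GetUser.
//
// On a hit, one entry carrying "mail" and "cn" is returned, followed by a
// success searchResultDone; an empty key or any miss yields noSuchObject.
//
// NOTE(review): nothing here checks that the connection completed a
// successful Bind. Unless the server wiring enforces that elsewhere, an
// unauthenticated client can enumerate mail addresses through this handler
// — confirm before exposing the listener. The filter string is also passed
// verbatim to utils.GetSearchUser; whatever that helper does with it must
// treat it as untrusted input.
func Search(w ldap.ResponseWriter, m *ldap.Message) {
	r := m.GetSearchRequest()

	// Bail out early if the client already abandoned the operation.
	select {
	case <-m.Done:
		return
	default:
	}

	key := string(r.BaseObject())
	byFilter := key == base
	if byFilter {
		key = string(r.FilterString())
	}
	if key == "" {
		noSuchObject(w)
		return
	}

	var user string
	if byFilter {
		user = utils.GetSearchUser(key)
	} else {
		user = utils.GetUser(key)
	}
	if user == "" {
		noSuchObject(w)
		return
	}
	mail := utils.GetMail(user)
	if mail == "" {
		noSuchObject(w)
		return
	}

	entry := ldap.NewSearchResultEntry(utils.GetLdapName(user))
	entry.AddAttribute("mail", message.AttributeValue(mail))
	entry.AddAttribute("cn", message.AttributeValue(user))
	w.Write(entry)
	w.Write(ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess))
}

// noSuchObject ends a search with the uniform noSuchObject result.
func noSuchObject(w ldap.ResponseWriter) {
	w.Write(ldap.NewSearchResultDoneResponse(ldap.LDAPResultNoSuchObject))
}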