package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"

	"github.com/danieljoos/wincred"
)

const (
	CRED_NAME   = "RBASH-KSTORE"
	SECRET_NAME = "_AUTH_SECRET"
)

func usage(stdfd *os.File) {
	_name := filepath.Base(os.Args[0])
	_space := strings.Repeat(" ", len(_name))
	fmt.Fprintf(stdfd, "Usage: %s get\n", _name)
	fmt.Fprintf(stdfd, "       %s set passphrase\n", _space)
	fmt.Fprintf(stdfd, "       %s del\n", _space)
	fmt.Fprintf(stdfd, "       %s help\n", _space)
}

func getAuthSecret() (*wincred.GenericCredential, error) {
	cred, err := wincred.GetGenericCredential(CRED_NAME)
	return cred, err
}

func delAuthSecret() error {
	cred, _ := getAuthSecret()
	if cred == nil {
		return nil
	}
	return cred.Delete()
}

func setAuthSecret(newSecret string) error {
	cred, _ := getAuthSecret()
	if cred == nil {
		cred = wincred.NewGenericCredential(CRED_NAME)
	}

	cred.CredentialBlob = []byte(newSecret)
	return cred.Write()
}

func main() {
	if len(os.Args) < 2 {
		usage(os.Stderr)
		os.Exit(1)
	}

	var err error
	switch os.Args[1] {
	case "get":
		cred, _err := getAuthSecret()
		if _err == nil {
			fmt.Print(string(cred.CredentialBlob))
			os.Exit(0)
		}
		err = _err
	case "set":
		if len(os.Args[2:]) < 1 {
			err = errors.New("passphrase is required")
		} else {
			err = setAuthSecret(os.Args[2])
		}
	case "del":
		err = delAuthSecret()
	case "help":
		usage(os.Stdout)
	}

	if err == nil {
		os.Exit(0)
	}

	fmt.Fprintln(os.Stderr, err)
	os.Exit(1)
}