from django.conf import settings
from django.core.management.base import BaseCommand

import pyotp
import json
import urllib.request
import urllib.error
import sys

class Command(BaseCommand):
    help = 'Access ungleichotp'

    def add_arguments(self, parser):
        parser.add_argument('--server-url', required=True)

        # For creating / verifying
        parser.add_argument('--name', help="Name to create/verify")
        parser.add_argument('--realm', help="Realm for create/verify")
        parser.add_argument('--token', help="Token for create/verify")
        parser.add_argument('--seed', help="Seed for create/verify")

        # How to authenticate against ungleich-otp
        parser.add_argument('--auth-name', required=True, help="Name for auth")
        parser.add_argument('--auth-realm', required=True, help="Realm for auth")
        parser.add_argument('--auth-token', help="Token for auth")
        parser.add_argument('--auth-seed', help="Seed for auth")

        parser.add_argument('command', choices=['create',
                                                'delete',
                                                'list',
                                                'verify'], help='Action to take')

    def handle(self, *args, **options):
        command_to_verb = { 'create': 'POST',
                            'delete': 'DELETE',
                            'list': 'GET' }

        method = 'POST'

        if not options['auth_token']:
            if not options['auth_seed']:
                print("Either token or seed are required")
                sys.exit(1)
            else:
                options['auth_token'] = pyotp.TOTP(options['auth_seed']).now()

        to_send = {}

        # Our credentials
        to_send['auth_token'] = options['auth_token']
        to_send['auth_name']  = options['auth_name']
        to_send['auth_realm'] = options['auth_realm']

        if options['command'] in ["list", "get"]:
            method = 'GET'

        if options['command'] in ["create", "verify"]:
            if not options['name'] or not options['realm']:
                print("Need to specify --name and --realm")
                sys.exit(1)

            if options['command'] == "verify" and not options['token']:
                if not options['seed']:
                    print("Need to specify --token or --seed for verify")
                    sys.exit(1)
                else:
                    options['token'] = pyotp.TOTP(options['seed']).now()


            # Client credentials to be verified
            to_send['name']  = options['name']
            to_send['realm'] = options['realm']
            to_send['token'] = options['token']

            if options['command'] == "verify":
                options['server_url'] = "{}verify/".format(options['server_url'])



        self.rest_send(options['server_url'], to_send, method=method)

    @staticmethod
    def rest_send(serverurl, to_send, method='POST'):
        data = json.dumps(to_send).encode("utf-8")

        req = urllib.request.Request(url=serverurl,
                                     data=data,
                                     headers={'Content-Type': 'application/json'},
                                     method=method)

        f = urllib.request.urlopen(req)

        if f.status == 200:
            print("Response: {}: {}".format(f.msg, f.read()))
            return True

        return False