package main

import (
	"log"
	"strconv"

	"github.com/gofiber/fiber/v2"
)

const (
	uriSecretData     = "/:secret/data/:path"
	uriSecretMetadata = "/:secret/metadata/:path"
)

func vaultApiSimpleKv2(c *fiber.Ctx, action string) error {
	secret := c.Params("secret")
	path := c.Params("path")
	if (secret == "") || (path == "") {
		return fiberNone(c)
	}

	log.Printf("%v %v %v", action, secret, path)

	return fiberOk(c)
}

func setupVaultApi(router fiber.Router) {
	// https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2

	/* read secret */
	router.Get(uriSecretData, func(c *fiber.Ctx) error {
		// return vaultApiSimpleKv2(c, "GET")

		secret := c.Params("secret")
		path := c.Params("path")
		if (secret == "") || (path == "") {
			return fiberNone(c)
		}

		var version int64 = -1
		if ver_s := c.Query("version"); ver_s != "" {
			var err error
			version, err = strconv.ParseInt(ver_s, 10, 0)
			if err != nil {
				return fiberNone(c)
			}
		}

		if version >= 0 {
			// version is sane
			log.Printf("GET %v %v v=%v", secret, path, version)
		} else {
			log.Printf("GET %v %v", secret, path)
		}

		return fiberOk(c)
	})
	/* create/update/patch secret */
	router.Post(uriSecretData, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "SET")
	})
	router.Patch(uriSecretData, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "SET")
	})
	/* delete secret */
	router.Delete(uriSecretData, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "DELETE")
	})
	/* delete/undelete secret */
	router.Post("/:secret/delete/:path", func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "DELETE")
	})
	router.Post("/:secret/undelete/:path", func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "UNDELETE")
	})
	/* destroy secret */
	router.Post("/:secret/destroy/:path", func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "DESTROY")
	})

	/* read subkeys */
	// router.Get("/:secret/subkeys/:path?version=:version&depth=:depth", fiberOk)
	router.Get("/:secret/subkeys/:path", func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "SUBKEYS")
	})

	/* read metadata */
	router.Get(uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "META-GET")
	})
	/* create/update metadata */
	router.Post(uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "META-SET")
	})
	router.Patch(uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "META-SET")
	})
	/* delete metadata */
	router.Delete(uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "META-DELETE")
	})
	/* list secrets */
	router.Add(MethodList, uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "LIST")
	})
}