#! /usr/bin/env perl
# vim: set filetype=perl ts=4 sw=4 sts=4 et:
use common::sense;
use Term::ReadKey;

use File::Basename;
use lib dirname(__FILE__) . '/../../../lib/perl';
use OVH::Result;
use OVH::Bastion;
use OVH::Bastion::Plugin qw( :DEFAULT );
use OVH::Bastion::Plugin::generateEgressKey;

my $remainingOptions = OVH::Bastion::Plugin::begin(
    argv    => \@ARGV,
    header  => "generating a new key pair for a group",
    options => {
        "group=s"   => \my $group,
        "algo=s"    => \my $algo,
        "size=i"    => \my $size,
        "encrypted" => \my $encrypted,
    },
    help => \&OVH::Bastion::Plugin::generateEgressKey::help,
);

#
# code
#
my $fnret;

$fnret = OVH::Bastion::Plugin::generateEgressKey::preconditions(
    context => 'group',
    self    => $self,
    group   => $group,
    algo    => $algo,
    size    => $size
);
if ($fnret->err eq 'ERR_MISSING_PARAMETER') {
    OVH::Bastion::Plugin::generateEgressKey::help();
    osh_exit(R('ERR_MISSING_PARAMETER', msg => "Missing the 'algo', 'size' or 'group' parameter'"));
}
$fnret or osh_exit $fnret;

my ($shortGroup, $keyhome);
($group, $algo, $size, $shortGroup, $keyhome) = @{$fnret->value}{qw{ group algo size shortGroup keyhome }};

my $passphrase = '';    # empty by default
if ($encrypted) {
    $fnret = OVH::Bastion::Plugin::generateEgressKey::ask_passphrase();
    $fnret or osh_exit $fnret;
    $passphrase = $fnret->value;
}

my @command = qw{ sudo -n -u root -- /usr/bin/env perl -T };
push @command, $OVH::Bastion::BASEPATH . '/bin/helper/osh-groupGenerateEgressKey';
push @command, '--group', $group;
push @command, '--algo', $algo;
push @command, '--size', $size;
push @command, '--encrypted' if $encrypted;

$fnret = OVH::Bastion::helper(cmd => \@command, stdin_str => $passphrase);
$fnret or osh_exit $fnret;

my $key = $fnret->value;

$fnret = OVH::Bastion::get_bastion_ips();
$fnret or osh_exit $fnret;

$key->{'prefix'} = 'from="' . join(',', @{$fnret->value}) . '"';

OVH::Bastion::print_public_key(key => $key);

osh_ok($key);