#!/bin/sh

#  Licensed to the Apache Software Foundation (ASF) under one
#  or more contributor license agreements.  See the NOTICE file
#  distributed with this work for additional information
#  regarding copyright ownership.  The ASF licenses this file
#  to you under the Apache License, Version 2.0 (the
#  "License"); you may not use this file except in compliance
#  with the License.  You may obtain a copy of the License at
#  
#    http://www.apache.org/licenses/LICENSE-2.0
#    
#  Unless required by applicable law or agreed to in writing,
#  software distributed under the License is distributed on an
#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
#  KIND, either express or implied.  See the License for the
#  specific language governing permissions and limitations
#  under the License.

here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
mkdir -p $1/conf
root=`echo "import os; print os.path.realpath('$1')" | python`
admin=$2
apass=$3
email=$4
user=$5
upass=$6
host=$7

httpd_prefix=`cat $here/../../modules/http/httpd.prefix`

if [ "$host" = "" ]; then
    conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
    sslconf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-ssl-conf"`
    if [ "$sslconf" = "" ]; then
        scheme="http"
        addr=`echo $conf | awk '{ print $7 }'`
        host=`$here/../../modules/http/httpd-addr ip $addr`
        if [ "$host" = "" ]; then
            host="localhost"
        fi
        port=`$here/../../modules/http/httpd-addr port $addr`
    else
        scheme="https"
        ssladdr=`echo $sslconf | awk '{ print $6 }'`
        host=`$here/../../modules/http/httpd-addr ip $ssladdr`
        if [ "$host" = "" ]; then
            host="localhost"
        fi
        port=`$here/../../modules/http/httpd-addr port $ssladdr`
    fi
else
    scheme="https"
    port="443"
fi

# Get password hash
rm -f $root/conf/auth.passwd
touch $root/conf/auth.passwd
$httpd_prefix/bin/htpasswd -b $root/conf/auth.passwd "$email" "$upass" 2>/dev/null
hash=`cat $root/conf/auth.passwd | awk -F ":" '{ print $2 }'`
rm -f $root/conf/auth.passwd

# Compute user URI
upath=$email

# Put user auth
cat >$root/conf/auth.entry <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<entry xmlns="http://www.w3.org/2005/Atom">
 <title type="text">$email</title>
 <id>$email</id>
 <content type="application/xml">
  <authn>
   <user>$user</user>
   <hash>$hash</hash>
  </authn>
 </content>
</entry>
EOF
curl -k -L -u $admin:$apass -X PUT -H "X-Forwarded-Server: $host" --data-binary @$root/conf/auth.entry $scheme://$host:$port/c/Authenticator/$upath
rm $root/conf/auth.entry