#!/bin/bash

# Created by argbash-init v2.10.0
# ARG_OPTIONAL_SINGLE([user],[u],[Fedora account name],[$USER])
# ARG_OPTIONAL_BOOLEAN([staging],[],[Use the staging infrastructure])
# ARG_HELP([Acquire a Kerberos ticket-granting ticket for Fedora],[If the environment variable \$FKINIT_OTP is set, it will be read for the one-time password instead of prompting for it.])
# ARGBASH_GO()
# needed because of Argbash --> m4_ignore([
### START OF CODE GENERATED BY Argbash v2.10.0 one line above ###
# Argbash is a bash code generator used to get arguments parsing right.
# Argbash is FREE SOFTWARE, see https://argbash.io for more info


die()
{
	local _ret="${2:-1}"
	test "${_PRINT_HELP:-no}" = yes && print_help >&2
	echo "$1" >&2
	exit "${_ret}"
}


begins_with_short_option()
{
	local first_option all_short_options='uh'
	first_option="${1:0:1}"
	test "$all_short_options" = "${all_short_options/$first_option/}" && return 1 || return 0
}

# THE DEFAULTS INITIALIZATION - OPTIONALS
_arg_staging="off"
if [ -f "$HOME/.fedora.upn" ]; then
	_arg_user=$(<"$HOME/.fedora.upn")
else
	_arg_user="$USER"
fi


print_help()
{
	printf '%s\n' "Acquire a Kerberos ticket-granting ticket for Fedora"
	printf 'Usage: %s [-u|--user <arg>] [--(no-)staging] [-h|--help]\n' "$0"
	printf '\t%s\n' "-u, --user: Fedora account name (default: value in ~/.fedora.upn if exists, otherwise '$USER')"
	printf '\t%s\n' "--staging, --no-staging: Use the staging infrastructure (off by default)"
	printf '\t%s\n' "-h, --help: Prints help"
	printf '\n%s\n' "If the environment variable \$FKINIT_OTP is set, it will be read for the one-time password instead of prompting for it."
}


parse_commandline()
{
	while test $# -gt 0
	do
		_key="$1"
		case "$_key" in
			-u|--user)
				test $# -lt 2 && die "Missing value for the optional argument '$_key'." 1
				_arg_user="$2"
				shift
				;;
			--user=*)
				_arg_user="${_key##--user=}"
				;;
			-u*)
				_arg_user="${_key##-u}"
				;;
			--no-staging|--staging)
				_arg_staging="on"
				test "${1:0:5}" = "--no-" && _arg_staging="off"
				;;
			-h|--help)
				print_help
				exit 0
				;;
			-h*)
				print_help
				exit 0
				;;
			*)
				_PRINT_HELP=yes die "FATAL ERROR: Got an unexpected argument '$1'" 1
				;;
		esac
		shift
	done
}

parse_commandline "$@"

# OTHER STUFF GENERATED BY Argbash

### END OF CODE GENERATED BY Argbash (sortof) ### ])
# [ <-- needed because of Argbash

finalize()
{
  rm -f $armorcache
}

set -e

armorcache=$(mktemp)
trap finalize EXIT

if [ "$_arg_staging" == "on" ]; then
    domain=STG.FEDORAPROJECT.ORG
else
    domain=FEDORAPROJECT.ORG
fi

kinit -n @$domain -c FILE:$armorcache

F_PASSWORD=$(systemd-ask-password --timeout=0 "FAS password:")
F_OTP=${FKINIT_OTP:-$(systemd-ask-password --timeout=0 "FAS OTP (leave blank if not configured):")}

kinit -T FILE:$armorcache $_arg_user@$domain <<< "${F_PASSWORD}${F_OTP}" >/dev/null
unset F_PASSWORD
unset F_OTP

# Display the active credential cache overview
echo
klist


# ^^^  TERMINATE YOUR CODE BEFORE THE BOTTOM ARGBASH MARKER  ^^^

# ] <-- needed because of Argbash
