#!/usr/bin/env python3

# OAuth2 (OpenID Connect / Keycloak) authentication mechanism for INN2/nnrpd.

import sys
from oauthlib.oauth2 import LegacyApplicationClient
from requests_oauthlib import OAuth2Session

CLIENT_AUTHNAME = "ClientAuthname: "
CLIENT_PASSWORD = "ClientPassword: "

client_id = ""
client_secret = ""
token_url = ""

username = None
password = None

while username is None or password is None:
    line = sys.stdin.readline()
    while len(line) > 0 and line[-1] in "\r\n":
        line = line[:-1]
    if line[0:len(CLIENT_AUTHNAME)] == CLIENT_AUTHNAME:
        username = line[len(CLIENT_AUTHNAME):]
    elif line[0:len(CLIENT_PASSWORD)] == CLIENT_PASSWORD:
        password = line[len(CLIENT_PASSWORD):]

try:
    oauth = OAuth2Session(client=LegacyApplicationClient(client_id=client_id))
    token = oauth.fetch_token(token_url=token_url,
                              username=username,
                              password=password,
                              client_id=client_id,
                              client_secret=client_secret)
    # Success!
    sys.stdout.write(f"User:{username}@lain.faith\r\n")
except:
    # Auth error
    sys.exit(1)