#!/usr/bin/python

# Copyright: (c) 2018, Terry Jones <terry.jones@example.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type

DOCUMENTATION = r'''
---
module: tsig_interpreter

short_description: Reads BIND9 tsig key files and outputs content to register

# If this is part of a collection, you need to use semantic versioning,
# i.e. the version is of the form "2.5.0" and not "2.4".
version_added: "1.0.0"

description: This is my longer description explaining my test module.

options:
    path:
        description: Path the keyfile should be found
        required: true
        type: str
        aliases:
            - file
            - key_file

author:
    - Felix Stupp (@zocker1999net)
'''

EXAMPLES = r'''
# Gain and use key
- name: Gain key
  my_namespace.my_collection.tsig_interpreter:
    path: '/etc/bind/rndc.key'
  register: key_data

- name: Use key
  nsupdate:
    key_algorithm: key_data.key_algorithm
    key_name: key_data.key_name
    key_secret: key_data.key_secret
'''

RETURN = r'''
key_algorithm:
    description: The algorithm used for the key
    type: str
    returned: always
    sample: 'hmac-md5'
key_file:
    description: The file that contained the extracted key
    type: str
    returned: always
    sample: '/my/path/my.key'
key_name:
    description: The name of the key
    type: str
    returned: always
    sample: 'key.example.com'
key_secret:
    description: The secret of the key
    type: str
    returned: always
    sample: 'ABCDEFG=='
'''

import os
import re

from ansible.module_utils.basic import AnsibleModule

def main():
    content_regex = re.compile(r'^\s*key\s+"?(?P<name>[^"\s{};]+)"?\s+\{\s*algorithm\s+"?(?P<algo>[^"\s{};]+)"?\s*;\s*secret\s+"?(?P<secret>[^"\s{};]+)"?\s*;\s*}\s*;\s*$')
    module_args = {
        "path": {
            "type": "str",
            "required": True,
            "aliases": ["file", "key_file"],
        },
    }
    module = AnsibleModule(
        argument_spec=module_args,
        supports_check_mode=True, # ignored because only data is retrieved
    )
    # get params
    path = module.params["path"]
    # prepare result
    result = {
        "changed": False,
        "key_file": path,
    }
    # check file
    if not os.path.exists(path):
        module.fail_json(msg="file not found: %s" % path)
    if not os.access(path, os.R_OK):
        module.fail_json(msg="file is not readable: %s" % path)
    # gain content
    with open(path, 'r') as fh:
        content = fh.read()
    # interpret content
    content = content.replace("\n", " ")
    match = content_regex.match(content)
    if not match:
        module.fail_json(msg="content of file not in expected syntax: %s" % path)
    result["key_algorithm"] = match.group("algo")
    result["key_name"] = match.group("name")
    result["key_secret"] = match.group("secret")
    # exit
    module.exit_json(**result)

if __name__ == '__main__':
    main()