package hackers_git

import (
	"crypto/rand"
	"math/big"
	p "nslcd_proto"
	"nslcd_proto/util"
)

func (o *Hackers) PAM_Authentication(cred p.Ucred, req p.Request_PAM_Authentication) p.PAM_Authentication_Enumerator {
	o.lock.RLock()
	defer o.lock.RUnlock()

	uid := o.name2uid(req.UserName)
	if uid < 0 {
		return util.PAM_Authentication_Ø{}
	}

	user := o.users[uid]
	ret := p.PAM_Authentication{
		AuthenticationResult: p.NSLCD_PAM_AUTH_ERR,
		UserName:             "",
		AuthorizationResult:  p.NSLCD_PAM_AUTH_ERR,
		AuthorizationError:   "",
	}
	if check_password(req.Password, user.passwd.PwHash) {
		ret.AuthenticationResult = p.NSLCD_PAM_SUCCESS
		ret.AuthorizationResult = ret.AuthenticationResult
		ret.UserName = user.passwd.Name
	}

	return util.New_PAM_Authentication_List([]p.PAM_Authentication{ret})
}

func (o *Hackers) PAM_Authorization(cred p.Ucred, req p.Request_PAM_Authorization) p.PAM_Authorization_Enumerator {
	o.lock.RLock()
	defer o.lock.RUnlock()

	uid := o.name2uid(req.UserName)
	if uid < 0 {
		return util.PAM_Authorization_Ø{}
	}
	ret := p.PAM_Authorization{
		Result: p.NSLCD_PAM_SUCCESS,
		Error:  "",
	}

	return util.New_PAM_Authorization_List([]p.PAM_Authorization{ret})
}

const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz01234567890"

var alphabet_len = big.NewInt(int64(len(alphabet)))

func (o *Hackers) PAM_SessionOpen(cred p.Ucred, req p.Request_PAM_SessionOpen) p.PAM_SessionOpen_Enumerator {
	var sessionid [24]byte

	for i := 0; i < len(sessionid); i++ {
		bigint, err := rand.Int(rand.Reader, alphabet_len)
		if err != nil {
			return util.PAM_SessionOpen_Ø{}
		}
		sessionid[i] = alphabet[bigint.Int64()]
	}

	ret := p.PAM_SessionOpen{SessionID: string(sessionid[:])}

	return util.New_PAM_SessionOpen_List([]p.PAM_SessionOpen{ret})
}

func (o *Hackers) PAM_SessionClose(cred p.Ucred, req p.Request_PAM_SessionClose) p.PAM_SessionClose_Enumerator {
	return util.PAM_SessionClose_Ø{}
}