import getopt
import sys

import jwt


def usage():
    progname = sys.argv[0]

    print(f'Usage: {progname} [-p <path>] [-w <value>] [-r <value>]\n' +
          '  -p <path to private key>\n' +
          '  -w <write, comma separated list of domains>\n' +
          '  -r <read, comma separated list of domains>')
    sys.exit(0)


def create_token(private_key, write_domains, read_domains):
    write_claim = list()
    read_claim = list()

    if write_domains:
        write_claim = write_domains.split(',')

    if read_domains:
        read_claim = read_domains.split(',')

    payload = {
        'sub': 'test',
        'fresh': False,
        'type': 'access',
        'write': write_claim,
        'read': read_claim
    }

    with open(private_key, "r") as fd:
        key = fd.read()

    return jwt.encode(payload=payload, algorithm='ES256', key=key)


if __name__ == '__main__':
    read_domains = None
    write_domains = None
    private_key = None

    try:
        opts, args = getopt.getopt(sys.argv[1:], 'p:w:r:h')
    except getopt.GetoptError:
        usage()

    for opt, arg in opts:
        if opt == '-p':
            private_key = arg
        elif opt == '-w':
            write_domains = arg
        elif opt == '-r':
            read_domains = arg
        elif opt == '-h':
            usage()
        else:
            usage()

    if not private_key:
        usage()

    if not write_domains and not read_domains:
        usage()

    token = create_token(private_key, write_domains,
                         read_domains)

    print(f'{token}')