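#!/usr/bin/python
# -*- coding: utf-8 -*-
"""Report certificates recorded in the local monitor database for a domain.

For each domain (either ``--domain`` or the built-in watch list) the script
looks up the stored certificate records, classifies each one as valid,
expired or not yet valid relative to the current time, prints the matching
records and a summary line.

The print calls use the single-argument parenthesised form so the output is
unchanged under Python 2, which this script was written for.
"""

import sys
from josef_lib import *
import leveldb
import argparse
import json
import base64
import subprocess
from josef_leveldb import *
from datetime import datetime as dt
import ast

from monitor_conf import DB_PATH

# Timestamp layout of the "not_before" / "not_after" fields. The trailing
# literal "GMT" means the parsed value is a naive datetime expressed in UTC.
# NOTE: %b is locale dependent; this assumes English month abbreviations.
_CERT_TIME_FORMAT = "%b %d %H:%M:%S %Y GMT"


class monitored_domain:
    """A watched domain pattern together with the entries found for it."""

    def __init__(self, url):
        self.url = url
        self.entries = []

    def add(self, item):
        """Append *item* to this domain's entry list."""
        # Was `appent`, which raised AttributeError on every call.
        self.entries.append(item)


class monitored_entry:
    """One certificate record: subject, issuer, source log and validity."""

    def __init__(self, subject, issuer, log, status):
        self.issuer = issuer
        self.subject = subject
        self.log = log
        self.status = status

    def __str__(self):
        description = (self.subject
                       + " certified by " + self.issuer
                       + " (" + self.log + ") ")
        if self.status:
            return "(VALID) " + description
        return "(NOT VALID) " + description


parser = argparse.ArgumentParser(description="")
parser.add_argument('--domain', default=None)
parser.add_argument('--log', default=None)
parser.add_argument('--exclude-invalid', action='store_true')
parser.add_argument('--get-cert', action='store_true')

args = parser.parse_args()

# Default watch list, used when --domain is not given.
monitored_domains = [
    monitored_domain("*.preishelden.de"),
    monitored_domain("*.liu.se"),
    monitored_domain("*.kth.se"),
    monitored_domain("*.nordu.net"),
]

db = DB_PATH


def _common_name(dn):
    """Return the text following the first "CN=" in *dn*.

    Certificates without a CN in the subject or issuer exist; for those the
    whole DN string is returned instead of raising IndexError, so one such
    record cannot abort the report for a domain.
    """
    parts = dn.split("CN=")
    if len(parts) > 1:
        return parts[1]
    return dn


def db_monitor_domain(domain, log=None, exclude_invalid=None, get_cert=None):
    """Print and return the stored certificate records matching *domain*.

    Args:
        domain: domain (or pattern) passed to ``db_lookup_domain``.
        log: if set, keep only records whose "log" field contains this value.
        exclude_invalid: if true, drop expired and not-yet-valid records.
        get_cert: if true, also print ``get_full_cert(entry)`` for each match.

    Returns:
        A list of ``monitored_entry`` objects, one per printed record.
    """
    raw = db_lookup_domain(db, domain)

    # The certificate timestamps are GMT, so compare against UTC. Using
    # local time here misclassified certificates near their validity
    # boundaries by the local UTC offset.
    cur_time = dt.utcnow()

    count_valid = 0
    count_expired = 0
    count_not_yet_valid = 0
    count_all = 0
    skipped = 0
    res = []

    for item in raw:
        try:
            entry = ast.literal_eval(item)
        except (ValueError, SyntaxError, TypeError):
            # Same diagnostic as before, but the record is now skipped.
            # Previously execution fell through and either hit a NameError
            # (first record) or re-processed the previous record, which
            # inflated the counts and duplicated output.
            print((item + '}').replace("'", '"'))
            skipped += 1
            continue

        not_after_time = dt.strptime(entry["not_after"], _CERT_TIME_FORMAT)
        not_before_time = dt.strptime(entry["not_before"], _CERT_TIME_FORMAT)

        expired = cur_time > not_after_time
        valid = not expired and not cur_time < not_before_time

        # Filter on the source log, then on validity if requested.
        if log and log not in entry["log"]:
            continue
        if exclude_invalid and not valid:
            continue

        count_all += 1
        if valid:
            count_valid += 1
        elif expired:
            count_expired += 1
        else:
            count_not_yet_valid += 1

        me = monitored_entry(_common_name(entry["subject"]),
                             _common_name(entry["issuer"]),
                             entry["log"], valid)
        print(str(me))
        if get_cert:
            print(get_full_cert(entry))
        res.append(me)

    print(str(count_all) + " matches found. "
          + str(count_valid) + " valid, "
          + str(count_expired) + " expired and "
          + str(count_not_yet_valid) + " not yet valid for "
          + domain)

    if skipped:
        # A monitor that silently drops records can miss the certificate
        # it exists to catch, so make the gap visible to the operator.
        sys.stderr.write("WARNING: " + str(skipped)
                         + " unparseable record(s) skipped for "
                         + domain + "\n")

    return res


if args.domain:
    db_monitor_domain(args.domain, args.log, args.exclude_invalid,
                      args.get_cert)
else:
    print("Running on " + str(len(monitored_domains)) + " monitored domains.")
    for d in monitored_domains:
        db_monitor_domain(d.url, args.log, args.exclude_invalid,
                          args.get_cert)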