# Copyright (c) 2025, Oracle and/or its affiliates.
#
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
#

import argparse
import json
import logging
import ssl
import sys

from http.server import HTTPServer, SimpleHTTPRequestHandler
from urllib.parse import unquote as urlunquote

from . import meb_controller as meb

class CustomHandler(SimpleHTTPRequestHandler):
    datadir = None

    def do_GET(self):

        if self.path == "/ping":
            self.send_response(200)
            self.end_headers()
            self.wfile.write(b"true\n")
            return

        if self.path == "/restart":
            # Debug hook to quickly restart container
            self.send_response(200)
            self.end_headers()
            self.wfile.write(b"true\n")
            sys.exit()

    def do_POST(self):
        # We don't do do access cheking here as Python http.server will
        # verify the client certificate before reaching this point

        if self.path.startswith('/backup/'):
            try:
                backup_name = urlunquote(self.path.rsplit('/', 1)[-1])

                content_length = int(self.headers.get('Content-Length', 0))
                post_body = self.rfile.read(content_length)

                info = json.loads(post_body)
                backup_profile = info["spec"]

                username = info["source"]["user"]
                password = info["source"]["password"]

                options = ["-u", username, f"-p{password}", f"--host=127.0.0.1"]
                if 'extra_options' in backup_profile and backup_profile['extra_options']:
                    options += backup_profile['extra_options']


                storage_opts = backup_profile['storage']

                if "s3" in storage_opts:
                    storage = meb.MebStorageS3(
                        storage_opts["s3"]["objectKeyPrefix"] + backup_name,
                        storage_opts["s3"]["region"], storage_opts["s3"]["bucket"],
                        info["secret"]["accessKeyId"], info["secret"]["secretAccessKey"],
                        storage_opts["s3"]["host"] if "host" in storage_opts["s3"] else None)

                elif "oci" in storage_opts:
                    storage = meb.MebStorageOCIPAR(storage_opts['oci']['prefix']+backup_name,
                                                meb.OCIObjectStorage(
                                                    meb.OCIRequest(info['secret']),
                                                    storage_opts['oci']['bucketName'],
                                                    storage_opts['oci']['namespace']))
                else:
                    raise Exception("Need either meb or s3 storage specification")

                incremental = info["incremental"]
                incremental_base = info["incremental_base"]

                backup = meb.MySQLEnterpriseBackup(
                    storage,
                    options,
                    "/tmp/backup-tmp",
                )
                try:
                    backup.backup(incremental, 'history:'+incremental_base)
                except Exception as exc:
                    self.send_response(500)
                    self.end_headers()
                    response = backup.log + "\n" + exc.__str__()
                    self.wfile.write(response.encode('utf-8', errors='replace'))
                    return

                finally:
                    backup.cleanup()

                self.send_response(200)
                self.end_headers()
                self.wfile.write(backup.log.encode('utf-8', errors='replace'))
                return
            except Exception as exc:
                self.send_response(500)
                self.end_headers()
                self.wfile.write(b"Failure\n")
                raise


        self.send_response(404)
        self.end_headers()
        self.wfile.write(b"false\n")


def serve_http(sslopts: dict, datadir: str):
    server_address = ('0.0.0.0', 4443)

    handler_class = CustomHandler
    handler_class.datadir = datadir

    httpd = HTTPServer(server_address, handler_class)

    context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    context.load_cert_chain(certfile=sslopts["cert"], keyfile=sslopts["key"])
    context.load_verify_locations(cafile='/tls/ca.pem')
    context.verify_mode = ssl.CERT_REQUIRED

    httpd.socket = context.wrap_socket(httpd.socket, server_side=True)
    httpd.serve_forever()

def main(argv):
    parser = argparse.ArgumentParser(description="MySQL InnoDB Cluster MySQL Enterprise Backup Daemon")
    parser.add_argument('--logging-level', type=int, nargs="?", default = logging.INFO, help="Logging Level")
    parser.add_argument('--pod-name', type=str, nargs=1, default=None, help="Pod Name")
    parser.add_argument('--pod-namespace', type=str, nargs=1, default=None, help="Pod Namespace")
    parser.add_argument('--datadir', type=str, default="/var/lib/mysql", help="Path do data directory")
    parser.add_argument('--ssl-cert', type=str, help="Path do TLS server cert")
    parser.add_argument('--ssl-key', type=str, help="Path do TLS server key")
    args = parser.parse_args(argv[1:])

    datadir = args.datadir

    logging.basicConfig(level=args.logging_level,
                        format='%(asctime)s - [%(levelname)s] [%(name)s] %(message)s',
                        datefmt="%Y-%m-%dT%H:%M:%S")
    logger = logging.getLogger("meb")

    name = args.pod_name[0]
    namespace = args.pod_namespace[0]

    sslopts = {
        "cert": args.ssl_cert,
        "key": args.ssl_key,
    }

    try:
        logger.info("Starting MEB Daemon for %s/%s", namespace, name)

        serve_http(sslopts, datadir)
    except Exception as e:
        import traceback
        traceback.print_exc()
        logger.critical(f"Unhandled exception while restoring: {e}")
        return 1

if __name__ == '__main__':
    main(sys.argv)