//! The `hsc` subcommand.

use crate::subcommands::prompt;

use crate::{Result, TorClient};

use anyhow::{Context, anyhow};

use arti_client::{HsClientDescEncKey, HsId, InertTorClient, KeystoreSelector, TorClientConfig};

use clap::{ArgMatches, Args, FromArgMatches, Parser, Subcommand, ValueEnum};

use safelog::DisplayRedacted;

use tor_rtcompat::Runtime;

#[cfg(feature = "onion-service-cli-extra")]

use {

    std::collections::{HashMap, hash_map::Entry},

    tor_hsclient::HsClientDescEncKeypairSpecifier,

    tor_hscrypto::pk::HsClientDescEncKeypair,

    tor_keymgr::{CTorPath, KeyPath, KeystoreEntry, KeystoreEntryResult, KeystoreId},

};

use std::fs::OpenOptions;

use std::io::{self, Write};

use std::str::FromStr;

/// The hsc subcommands the arti CLI will be augmented with.

#[derive(Parser, Debug)]

pub(crate) enum HscSubcommands {

    /// Run state management commands for an Arti hidden service client.

    #[command(subcommand)]

    Hsc(HscSubcommand),

}

/// The `hsc` subcommand.

#[derive(Debug, Subcommand)]

pub(crate) enum HscSubcommand {

    /// Prepare a service discovery key for connecting

    /// to a service running in restricted discovery mode.

    /// (Deprecated: use `arti hsc key get` instead)

    ///

    // TODO: use a clap deprecation attribute when clap supports it:

    // <https://github.com/clap-rs/clap/issues/3321>

    #[command(arg_required_else_help = true)]

    GetKey(GetKeyArgs),

    /// Key management subcommands.

    #[command(subcommand)]

    Key(KeySubcommand),

    /// Migrate service discovery keys from a registered CTor keystore to the primary

    /// keystore

    #[cfg(feature = "onion-service-cli-extra")]

    #[command(name = "ctor-migrate")]

    CTorMigrate(CTorMigrateArgs),

}

/// The `hsc-key` subcommand.

#[derive(Debug, Subcommand)]

pub(crate) enum KeySubcommand {

    /// Get or generate a hidden service client key

    #[command(arg_required_else_help = true)]

    Get(GetKeyArgs),

    /// Rotate a hidden service client key

    #[command(arg_required_else_help = true)]

    Rotate(RotateKeyArgs),

    /// Remove a hidden service client key

    #[command(arg_required_else_help = true)]

    Remove(RemoveKeyArgs),

}

/// A type of key

#[derive(Copy, Clone, Debug, Default, PartialEq, Eq, ValueEnum)]

enum KeyType {

    /// A service discovery key for connecting to a service

    /// running in restricted discovery mode.

    #[default]

    ServiceDiscovery,

}

/// The arguments of the [`GetKey`](HscSubcommand::GetKey)

/// subcommand.

#[derive(Debug, Clone, Args)]

pub(crate) struct GetKeyArgs {

    /// Arguments shared by all hsc subcommands.

    #[command(flatten)]

    common: CommonArgs,

    /// Arguments for configuring keygen.

    #[command(flatten)]

    keygen: KeygenArgs,

    /// Whether to generate the key if it is missing

    #[arg(

        long,

        default_value_t = GenerateKey::IfNeeded,

        value_enum

    )]

    generate: GenerateKey,

    // TODO: add an option for selecting the keystore to generate the keypair in

}

/// Whether to generate the key if missing.

#[derive(Copy, Clone, Debug, Default, PartialEq, Eq, ValueEnum)]

enum GenerateKey {

    /// Do not generate the key.

    No,

    /// Generate the key if it's missing.

    #[default]

    IfNeeded,

}

/// The common arguments of the key subcommands.

#[derive(Debug, Clone, Args)]

pub(crate) struct CommonArgs {

    /// The type of the key.

    #[arg(

        long,

        default_value_t = KeyType::ServiceDiscovery,

        value_enum

    )]

    key_type: KeyType,

    /// With this flag active no prompt will be shown

    /// and no confirmation will be asked

    #[arg(long, short, default_value_t = false)]

    batch: bool,

}

/// The common arguments of the key subcommands.

#[derive(Debug, Clone, Args)]

pub(crate) struct KeygenArgs {

    /// Write the public key to FILE. Use - to write to stdout

    #[arg(long, name = "FILE")]

    output: String,

    /// Whether to overwrite the output file if it already exists

    #[arg(long)]

    overwrite: bool,

}

/// The arguments of the [`Rotate`](KeySubcommand::Rotate) subcommand.

#[derive(Debug, Clone, Args)]

pub(crate) struct RotateKeyArgs {

    /// Arguments shared by all hsc subcommands.

    #[command(flatten)]

    common: CommonArgs,

    /// Arguments for configuring keygen.

    #[command(flatten)]

    keygen: KeygenArgs,

}

/// The arguments of the [`Remove`](KeySubcommand::Remove) subcommand.

#[derive(Debug, Clone, Args)]

pub(crate) struct RemoveKeyArgs {

    /// Arguments shared by all hsc subcommands.

    #[command(flatten)]

    common: CommonArgs,

}

/// The arguments of the [`CTorMigrate`](HscSubcommand::CTorMigrate) subcommand.

#[derive(Debug, Clone, Args)]

#[cfg(feature = "onion-service-cli-extra")]

pub(crate) struct CTorMigrateArgs {

    /// With this flag active no prompt will be shown

    /// and no confirmation will be asked.

    #[arg(long, short, default_value_t = false)]

    batch: bool,

    /// The ID of the keystore that should be migrated.

    // TODO: The command should detect if the ID provided belongs to a CTor keystore and return an

    // error if it does not.

    #[arg(long, short)]

    from: KeystoreId,

}

/// Run the `hsc` subcommand.

    use KeyType::*;

            );

            }

        }

        #[cfg(feature = "onion-service-cli-extra")]

    }

/// Run the `hsc key` subcommand

    }

/// Run the `hsc prepare-stealth-mode-key` subcommand.

        GenerateKey::IfNeeded => {

            // TODO: consider using get_or_generate in generate_service_discovery_key

        }

            None => {

            }

        },

    };

/// Display the public part of a service discovery key.

//

// TODO: have a more principled implementation for displaying messages, etc.

// For example, it would be nice to centralize the logic for writing to stdout/file,

// and to add a flag for choosing the output format (human-readable or json)

    // Output the public key to the specified file, or to stdout.

                    io::ErrorKind::AlreadyExists => {

                    }

                    _ => {

                    }

                }

        }

    }

/// Write the public part of `key` to `f`.

/// Run the `hsc rotate-key` subcommand.

    );

/// Run the `hsc remove-key` subcommand.

    );

/// Run the `hsc ctor-migrate` subcommand.

#[cfg(feature = "onion-service-cli-extra")]

    // TODO: Simplify this logic when addressing issue #1359.

    // See [!3390 (comment 3288090)](https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/3390#note_3288090).

            } else {

                );

            };

                    true,

                );

    }

/// Prompt the user for an onion address.

/// Helper function for `migrate_ctor_keys`.

///

/// Parses and returns the client keys from the CTor keystore identified by `--from` CLI flag.

/// Detects if there is a clash (different keys for the same hidden service within

/// the CTor keystore).

/// Such a situation is invalid, as each service must have a unique key.

/// If a clash is found, an error is returned.

/// If no clashes are detected, returns a `HashMap` of keystore entries, keyed

/// by hidden service identifier.

#[cfg(feature = "onion-service-cli-extra")]

                Entry::Occupied(_) => {

                }

            }

    }