#!/usr/bin/env python3

#######################################################
# WARNING: Use the add-users-keycloak-api.py instead!!!
#######################################################

# See https://www.keycloak.org/docs/latest/server_admin/#user-operations
# The following command must be run beforehand to log into the keycloak:
# /opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin

from os.path import exists
from pathlib import Path
from shlex import split
from subprocess import run
from sys import exit

KCADM = "/opt/jboss/keycloak/bin/kcadm.sh"
REALM = "lumbung-space"


def confirm():
    answer = ""
    while answer not in ["y", "n"]:
        answer = input("OK to create account [Y/N]? ").lower()
    return answer == "y"


if not exists(Path("emails.txt").absolute()):
    print("Missing emails.txt!")
    exit(1)

with open("emails.txt") as handle:
    emails = handle.readlines()

for email in emails:
    username = email.split("@")[0].strip()

    print(f"processing {email} now...")
    print(f"deriving {username} from {email} for account creation...")

    create_command = split(
        f"""
        {KCADM} create users 
        -r {REALM}
        -s enabled=true
        -s username={username}
        -s 'requiredActions=["VERIFY_EMAIL","UPDATE_PROFILE","UPDATE_PASSWORD"]'
    """
    )

    password_command = split(
        f"""
        {KCADM} set-password \
        -r {REALM} \
        --username {username}
        --new-password lumbung
        --temporary
    """
    )

    print(f"Intending to run {create_command}...")
    print(f"And then {password_command}...")

    if not confirm():
        print("Bailing out on request...")
        exit(1)

    run(create_command)
    run(password_command)