# -*- coding: utf-8 -*-
# Description: freeradius netdata python.d module
# Author: l2isbad
# SPDX-License-Identifier: GPL-3.0-or-later

import re
from subprocess import Popen, PIPE

from bases.collection import find_binary
from bases.FrameworkServices.SimpleService import SimpleService

update_every = 15

PARSER = re.compile(r'((?<=-)[AP][a-zA-Z-]+) = (\d+)')

RADIUS_MSG = 'Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 15, Response-Packet-Type = Access-Accept'

RADCLIENT_RETRIES = 1
RADCLIENT_TIMEOUT = 1

DEFAULT_HOST = 'localhost'
DEFAULT_PORT = 18121
DEFAULT_DO_ACCT = False
DEFAULT_DO_PROXY_AUTH = False
DEFAULT_DO_PROXY_ACCT = False

ORDER = [
    'authentication',
    'accounting',
    'proxy-auth',
    'proxy-acct',
]

CHARTS = {
    'authentication': {
        'options': [None, 'Authentication', 'packets/s', 'authentication', 'freerad.auth', 'line'],
        'lines': [
            ['access-accepts', None, 'incremental'],
            ['access-rejects', None, 'incremental'],
            ['auth-dropped-requests', 'dropped-requests', 'incremental'],
            ['auth-duplicate-requests', 'duplicate-requests', 'incremental'],
            ['auth-invalid-requests', 'invalid-requests', 'incremental'],
            ['auth-malformed-requests', 'malformed-requests', 'incremental'],
            ['auth-unknown-types', 'unknown-types', 'incremental']
        ]
    },
    'accounting': {
        'options': [None, 'Accounting', 'packets/s', 'accounting', 'freerad.acct', 'line'],
        'lines': [
            ['accounting-requests', 'requests', 'incremental'],
            ['accounting-responses', 'responses', 'incremental'],
            ['acct-dropped-requests', 'dropped-requests', 'incremental'],
            ['acct-duplicate-requests', 'duplicate-requests', 'incremental'],
            ['acct-invalid-requests', 'invalid-requests', 'incremental'],
            ['acct-malformed-requests', 'malformed-requests', 'incremental'],
            ['acct-unknown-types', 'unknown-types', 'incremental']
        ]
    },
    'proxy-auth': {
        'options': [None, 'Proxy Authentication', 'packets/s', 'authentication', 'freerad.proxy.auth', 'line'],
        'lines': [
            ['proxy-access-accepts', 'access-accepts', 'incremental'],
            ['proxy-access-rejects', 'access-rejects', 'incremental'],
            ['proxy-auth-dropped-requests', 'dropped-requests', 'incremental'],
            ['proxy-auth-duplicate-requests', 'duplicate-requests', 'incremental'],
            ['proxy-auth-invalid-requests', 'invalid-requests', 'incremental'],
            ['proxy-auth-malformed-requests', 'malformed-requests', 'incremental'],
            ['proxy-auth-unknown-types', 'unknown-types', 'incremental']
        ]
    },
    'proxy-acct': {
        'options': [None, 'Proxy Accounting', 'packets/s', 'accounting', 'freerad.proxy.acct', 'line'],
        'lines': [
            ['proxy-accounting-requests', 'requests', 'incremental'],
            ['proxy-accounting-responses', 'responses', 'incremental'],
            ['proxy-acct-dropped-requests', 'dropped-requests', 'incremental'],
            ['proxy-acct-duplicate-requests', 'duplicate-requests', 'incremental'],
            ['proxy-acct-invalid-requests', 'invalid-requests', 'incremental'],
            ['proxy-acct-malformed-requests', 'malformed-requests', 'incremental'],
            ['proxy-acct-unknown-types', 'unknown-types', 'incremental']
        ]
    }
}


def radclient_status(radclient, retries, timeout, host, port, secret):
    # radclient -r 1 -t 1 -x 127.0.0.1:18121 status secret

    return '{radclient} -r {num_retries} -t {timeout} -x {host}:{port} status {secret}'.format(
        radclient=radclient,
        num_retries=retries,
        timeout=timeout,
        host=host,
        port=port,
        secret=secret,
    ).split()


class Service(SimpleService):
    def __init__(self, configuration=None, name=None):
        SimpleService.__init__(self, configuration=configuration, name=name)
        self.order = ORDER
        self.definitions = CHARTS
        self.host = self.configuration.get('host', DEFAULT_HOST)
        self.port = self.configuration.get('port', DEFAULT_PORT)
        self.secret = self.configuration.get('secret')
        self.do_acct = self.configuration.get('acct', DEFAULT_DO_ACCT)
        self.do_proxy_auth = self.configuration.get('proxy_auth', DEFAULT_DO_PROXY_AUTH)
        self.do_proxy_acct = self.configuration.get('proxy_acct', DEFAULT_DO_PROXY_ACCT)
        self.echo = find_binary('echo')
        self.radclient = find_binary('radclient')
        self.sub_echo = [self.echo, RADIUS_MSG]
        self.sub_radclient = radclient_status(
            self.radclient, RADCLIENT_RETRIES, RADCLIENT_TIMEOUT, self.host, self.port, self.secret,
        )

    def check(self):
        if not self.radclient:
            self.error("Can't locate 'radclient' binary or binary is not executable by netdata user")
            return False

        if not self.echo:
            self.error("Can't locate 'echo' binary or binary is not executable by netdata user")
            return None

        if not self.secret:
            self.error("'secret' isn't set")
            return None

        if not self.get_raw_data():
            self.error('Request returned no data. Is server alive?')
            return False

        if not self.do_acct:
            self.order.remove('accounting')

        if not self.do_proxy_auth:
            self.order.remove('proxy-auth')

        if not self.do_proxy_acct:
            self.order.remove('proxy-acct')

        return True

    def get_data(self):
        """
        Format data received from shell command
        :return: dict
        """
        result = self.get_raw_data()

        if not result:
            return None

        return dict(
            (key.lower(), value) for key, value in PARSER.findall(result)
        )

    def get_raw_data(self):
        """
        The following code is equivalent to
        'echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 15, Response-Packet-Type = Access-Accept"
         | radclient -t 1 -r 1 host:port status secret'
        :return: str
        """
        try:
            process_echo = Popen(self.sub_echo, stdout=PIPE, stderr=PIPE, shell=False)
            process_rad = Popen(self.sub_radclient, stdin=process_echo.stdout, stdout=PIPE, stderr=PIPE, shell=False)
            process_echo.stdout.close()
            raw_result = process_rad.communicate()[0]
        except OSError:
            return None

        if process_rad.returncode is 0:
            return raw_result.decode()

        return None