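#!/bin/bash
#
# Toggle a NetworkManager OpenConnect VPN profile using secrets kept in pass(1).
#
# Usage: <script> PROFILE
#
# PROFILE is looked up in the `connections` map below to find a pass entry.
# The first line of that entry is the password; the remaining lines are
# "key: value" fields. Fields read by this script: name, gateway, username,
# and optionally certificate, useragent and OTP.
#
# If the NetworkManager connection is already active it is brought down.
# Otherwise openconnect performs the authentication and the session cookie it
# returns is handed to nmcli through a file descriptor (never through argv).
#
# Exit status: 255 no profile given, 254 unknown profile, 1 other failure,
# otherwise the status of the final nmcli command.

declare -A connections=(
  ["shigoto"]="shigoto/vpn"
  ["ucell"]="shigoto/ucell/vpn"
  ["ums"]="shigoto/ums/vpn"
  ["telekomsrbija"]="shigoto/telekomsrbija/vpn"
)

# Print MESSAGE ($2...) on stderr and exit with status $1.
die() {
  local status=$1
  shift
  printf '%s\n' "$*" >&2
  exit "$status"
}

# Print the known profile names, one per line.
list_profiles() {
  printf '%s\n' "${!connections[@]}"
}

#######################################
# Read one "key: value" field from a pass entry.
# Arguments: $1 - pass entry path, $2 - field name (a literal from this script)
# Outputs:   the field value on stdout; nothing if the field is absent
#######################################
get_from_pass() {
  pass show "$1" | grep "^$2:" | sed -r "s|^$2: ||g"
}

# Arithmetic comparison; `[[ $# < 1 ]]` would compare as strings.
if (( $# < 1 )); then
  die 255 "Please specify a VPN connection profile."$'\n'"Options:"$'\n'"$(list_profiles)"
fi

# An empty subscript is an error for associative arrays, so guard it.
passentry=""
if [[ -n $1 ]]; then
  passentry=${connections[$1]:-}
fi
if [[ -z $passentry ]]; then
  die 254 "ERROR. VPN CONNECTION PROFILE NOT FOUND"$'\n'"Options:"$'\n'"$(list_profiles)"
fi

CONN_NAME="$(get_from_pass "$passentry" "name")"
# Without a name the active-connection check below cannot be trusted.
[[ -n $CONN_NAME ]] || die 1 "ERROR: pass entry has no 'name' field"

# Exact, fixed-string match against the active connection names. Grepping the
# human-readable table treated the name as a regex and reported "connected"
# when the profile did not exist in NetworkManager at all.
# NOTE(review): nmcli terse output escapes ':' and '\' in values; names
# containing those characters would need unescaping - confirm if relevant.
if nmcli -t -f NAME connection show --active | grep -Fxq -- "$CONN_NAME"; then
  echo "ALREADY CONNECTED. DISCONNECTING..."
  nmcli con down "$CONN_NAME"
else
  CONN_GATEWAY="$(get_from_pass "$passentry" "gateway")"
  CONN_CERTIFICATE="$(get_from_pass "$passentry" "certificate")"
  CONN_USERAGENT="$(get_from_pass "$passentry" "useragent")"
  CONN_USERNAME="$(get_from_pass "$passentry" "username")"
  CONN_PASSWORD="$(pass show "$passentry" | head -n1)"

  [[ -n $CONN_GATEWAY ]] || die 1 "ERROR: pass entry has no 'gateway' field"

  # Build the command as an array so values containing spaces (user-agent
  # strings usually do) stay single arguments instead of being word-split.
  auth_cmd=(openconnect)
  if [[ -n $CONN_USERAGENT ]]; then
    auth_cmd+=(--useragent "$CONN_USERAGENT")
  fi
  auth_cmd+=(-u "$CONN_USERNAME" --passwd-on-stdin)
  if [[ -n $CONN_CERTIFICATE ]]; then
    # Certificate value stored in pass is passed to --servercert as-is.
    auth_cmd+=(--servercert "$CONN_CERTIFICATE")
  fi
  auth_cmd+=(--authenticate "$CONN_GATEWAY")

  echo "CONNECTING..."

  # The password (and OTP) travel over stdin via shell builtins, so they never
  # appear in a process argument list.
  if get_from_pass "$passentry" "OTP" | grep -q "yes"; then
    # Second factor is typed by the user and forwarded after the password.
    auth_output="$(
      {
        printf '%s\n' "$CONN_PASSWORD"
        read -r OTP
        printf '%s\n' "$OTP"
      } | "${auth_cmd[@]}"
    )"
  else
    auth_output="$(printf '%s\n' "$CONN_PASSWORD" | "${auth_cmd[@]}")"
  fi

  # Drop any values inherited from the environment so a failed authentication
  # cannot fall through with a stale cookie.
  unset COOKIE FINGERPRINT RESOLVE

  # SECURITY NOTE: this evaluates openconnect's output as shell code. With
  # --authenticate it prints variable assignments (COOKIE, FINGERPRINT,
  # RESOLVE are used below), but the values originate from the gateway, so the
  # safety of this line rests on openconnect's quoting. The expansion is
  # quoted so the text reaches eval without word-splitting or globbing.
  eval "$auth_output"

  if [[ -z ${COOKIE:-} ]]; then
    die 1 "ERROR: NO COOKIE"
  fi

  # Secrets are passed through fd 5 rather than on the command line.
  nmcli con up "$CONN_NAME" passwd-file /proc/self/fd/5 5< <(
    printf '%s\n%s\n%s\n%s' \
      "vpn.secrets.cookie:$COOKIE" \
      "vpn.secrets.gwcert:${FINGERPRINT:-}" \
      "vpn.secrets.gateway:$CONN_GATEWAY" \
      "vpn.secrets.resolve:${RESOLVE:-}"
  )
fi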