#!/usr/bin/perl -wT

use warnings;
use strict;

{
  package MSVA;

  use HTTP::Server::Simple::CGI;
  use base qw(HTTP::Server::Simple::CGI);
  use warnings;
  use strict;

  use JSON;

  my %dispatch = (
                  '/reviewcert' => \&reviewcert,
                  '/extracerts' => \&extracerts,
                 );

  sub handle_request {
    my $self = shift;
    my $cgi  = shift;

    my $path = $cgi->path_info();
    my $handler = $dispatch{$path};

    # FIXME: ensure that this is a POST
    if (ref($handler) eq "CODE") {
      printf STDERR ("Got POST %s\n", $path);
      my ($status, $object) = $handler->($cgi);
      printf("HTTP/1.0 %s\r\nContent-Type: application/json\r\n\r\n%s", $status, to_json ($object));

    } else {
      printf("HTTP/1.0 404 Not Found -- not handled by Monkeysphere validation agent\r\nContent-Type: text/plain\r\n\r\nHTTP/1.0 404 Not Found -- the path:\r\n   %s\r\nis not handled by the MonkeySphere validation agent.\r\nPlease try one of the following paths instead:\r\n\r\n%s\r\n", $path, ' * '.join("\r\n * ", keys %dispatch) );
    }
  }

  sub reviewcert {
    my $cgi  = shift;   # CGI.pm object
    return if !ref $cgi;

    # FIXME: these should be opening up a json blob instead of using CGI params.
    my $data = from_json($cgi->param('POSTDATA'));

    use Data::Dumper;
    print STDERR Dumper($data);

    my $ret = { valid => 'true' };
    # my $status = '404 no match found for the public key in this certificate';
    # or:
    my $status = '200 match found, authentication details to follow';

    return $status, $ret;
  }

  sub extracerts {
    my $cgi = shift;

    return '500 not yet implemented', { };
  }
}

# start the server on port 8091
my $server = MSVA->new(8901);
$server->run();