#!/bin/sh
# check if proxy has enough time. 
#
# 08/17/2007 clf
#
# History:
# 02/29/08 CLF: If silent, do not re-new proxy
# 05/12/08 CLF: Use fglogin.sh, if available
# 12/07/12 CLF: handle myproxy or "local"
# 04/12/13 Xia Lee:  Handle password from file
#
if [ -f /bin/basename ]; then
  pgm=`/bin/basename $0`
else
  pgm='tr_ckproxy'   # mac has this in /usr/bin/basename
fi
INFO="$pgm -I- "
ERR="$pgm -E- "
WAR="$pgm -W- "
USAGE="usage: $pgm [proxy-path | FIND ] [-s | -i <file]"

use_stdin=''
STDIN=''

if [ $# -gt 0 ]; then
  while [ -n "$1" ]; do
    case "$1" in
     FIND )
        if [ "X$X509_USER_PROXY" != "X" ]; then
          proxy="$X509_USER_PROXY" 
        else
          os=`uname`
          if [ "$os" = "SunOS" ]; then
             uid=`/usr/gnu/bin/id -u`
	  else
             uid=`id -u`
          fi
          proxy="/tmp/x509up_u${uid}"
        fi
        ;;
     -s )
        silent=TRUE
        ;;
     -i)
        use_stdin=TRUE
        ;;
     * )
        proxy=$1
        ;;
    esac
    shift
  done
else
  echo "$USAGE" 1>&2
  exit 1
fi
#

# Check we have proxy
if [ -z "$proxy" ]; then
  echo "$USAGE" 1>&2
  exit 1   
fi

# Check if must use myproxy
   if [ -f ~/.globus/usercert.pem -a  -f ~/.globus/userkey.pem ]; then
      # check if cert has expired: 86400 sec = 1 day 
      openssl x509 -in ~/.globus/usercert.pem -noout -checkend 86400
      if [ $? = 0 ]; then
         GET_PROXY=`which grid-proxy-init 2> /dev/null`
         if [ "$use_stdin" == "TRUE" ]; then
             STDIN='-pwstdin'
         fi
         HOURS=" -hours 264 "
      fi
   fi
   if [ -z "$GET_PROXY" ]; then
# Check if can run fglogin.sh
      GET_PROXY=`which fglogin.sh 2> /dev/null`
      if [ $? = 1 ]; then
         GET_PROXY=`which myproxy-get-delegation 2> /dev/null`
      fi
      if [ "$use_stdin" == "TRUE" ]; then
          STDIN='--stdin_pass'
      fi
      HOURS=" -t 264 "
      MYPROXY=1
   fi
#
# Check for valid short proxy
#
grid-proxy-info -f $proxy -exists > /dev/null 2>&1 

if [ $? != 0 ]; then
   if [ -n "$silent" ]; then
      echo "$ERR  can not find valid proxy"  1>&2
      exit 1
   fi
   if [ -z "$GET_PROXY" ]; then
      echo "
      $ERR  can't find the myproxy-get-delegation command
      Get proxy and rerun program." 1>&2
      exit 1
   fi
   echo "$WAR  can not find valid proxy
         will run $GET_PROXY "  1>&2
# Run proxy script - ask for 2 weeks
   $GET_PROXY $HOURS $STDIN 1>&2
   status=$?
   if [ -n "$MYPROXY" -a $status != 0 ]; then
      echo "$ERR Failed to get proxy.
      Do you authenticate with a different username?" 1>&2
      echo -n " If so, enter grid username: " 1>&2
      read -e UNAME
      if [ -n "$UNAME" ]; then
        $GET_PROXY -l $UNAME -t 264 $STDIN 1>&2
        status=$?
      fi
   fi
   if [ $status != 0 ]; then
      echo "$ERR Failed to get proxy.
      Get proxy and rerun program." 1>&2
      exit 1
   fi
fi
# Got proxy
# Now find remaining time
# If less 3 days left: re-new
secsleft=`grid-proxy-info -file "$proxy" -timeleft`
status=$?
if [ $status != 0 ]; then
    exit 1
fi
if [ "$secsleft" -lt 259200 ]; then
  echo " "
  echo "$INFO 
  The time remaining on this certificate is less than seventy-two hours.
  To allow time for debugging, reset proxy:
  " 1>&2
  if [ -z "$silent" ]; then
#   Renew Proxy
    $GET_PROXY $HOURS $STDIN 1>&2
    status=$?
    if [ $status != 0 ]; then
       echo "$ERR Failed to get proxy.
       Get proxy and rerun program." 1>&2
       exit 1
    else
#   check again
       secsleft=`grid-proxy-info -file "$proxy" -timeleft`
       status=$?
       if [ $status != 0 ]; then
        exit 1
       fi
       if [ "$secsleft" -lt 259200 ] ; then
        echo "$ERR
        The time remaining on $proxy
        is still less than seventy-two hours. Reset proxy manually.
        Example: $GET_PROXY $HOURS
        " 1>&2
          exit 1
       fi
    fi
  else
    exit 1
  fi
fi
