#!/bin/bash
_help() {
  echo "
sbean: Spilling the beans, a keepassxc cli wrapper

syntax:
[db-file] [key-file] [command] [[entry-name]] [[options]]

Commands:
 install           apt install keepassxc
 create            database create
 ls                list entries
 add [entry-name]  add new entry, password asked interactively, or use stdin
  options:
   --user          optional user-name
   --file          use a file as password (may be binary)
 get-user [entry-name]     get user name
 get-password [entry-name] get password
  options:
   --decode        use if --file was used to add
 open              open database using cli
 openx             open database using keepassxc
"
  exit
}

_exit() {
  clear
  exit
}

_error() {
  echo "$@" >/dev/stderr
  exit 1
}

_install() {
  dpkg -l keepassxc && return
  sudo apt-get install keepassxc
}

_create() {
  echo Creating new database
  set -e
  if [[ -z "$DBKEY" ]]; then _error "key required"; fi
  if [[ -z "$DBPATH" ]]; then _error "db required"; fi
  if [[ -e "$DBPATH" ]]; then _error "File $DBPATH already exists"; fi
  if [[ -e "$DBKEY" ]]; then _error "File $DBKEY already exists"; fi
  keepassxc-cli db-create -k "$DBKEY" "$DBPATH"
}

_ls() {
  keepassxc-cli ls -k "$DBKEY" --no-password -R -f "$DBPATH"
}

_add() {
  if [[ -z "$ENTRY" ]]; then _error "entry required"; fi
  if [[ -e "$ENTRY_FILE" ]]; then
    cat "$ENTRY_FILE" | base64 -w 0 | keepassxc-cli add -k "$DBKEY" --no-password "$DBPATH" -p -u "$ENTRY_USER" "$ENTRY"
  else
    keepassxc-cli add -k "$DBKEY" --no-password "$DBPATH" -p -u "$ENTRY_USER" "$ENTRY"
  fi
}

_get_user() {
  if [[ -z "$ENTRY" ]]; then _error "entry required"; fi
  keepassxc-cli show -k "$DBKEY" --no-password -a username "$DBPATH" "$ENTRY"
}

_get_pass() {
  if [[ -z "$ENTRY" ]]; then _error "entry required"; fi
  if [[ -z "$ENTRY_DECODE" ]]; then
    keepassxc-cli show -k "$DBKEY" --no-password -a password "$DBPATH" "$ENTRY"
  else
    keepassxc-cli show -k "$DBKEY" --no-password -a password "$DBPATH" "$ENTRY" | base64 -d
  fi
}

_open() {
  keepassxc-cli open -k "$DBKEY" --no-password "$DBPATH"
}
_openx() {
  keepassxc --keyfile "$DBKEY" "$DBPATH"
}
for (( i=1; i<=$#; i++ )); do
  value=${!i}
  j=$(( i + 1 ))
  [[ "${value}" = "-"* ]] && {
    [[ "$value" =~ -h ]] && { _help; }
    [[ "$value" =~ --help ]] && { _help; }
    [[ "$value" =~ --user ]] && { ENTRY_USER="${!j}"; }
    [[ "$value" =~ --file ]] && { ENTRY_FILE="${!j}"; }
    [[ "$value" =~ --decode ]] && { ENTRY_DECODE="true"; continue; }
    i=$j
    continue
  }
  if [[ -z "$DBPATH" ]]; then DBPATH="${!i}"; continue; fi
  if [[ -z "$DBKEY" ]]; then DBKEY="${!i}"; continue; fi
  if [[ -z "$CMD" ]]; then CMD="${!i}"; continue; fi
  if [[ -z "$ENTRY" ]]; then ENTRY="${!i}"; continue; fi
done

if [[ ! "$CMD" = install ]]; then
  which keepassxc-cli &> /dev/null || {
    echo Missing keepassxc-cli >/dev/stderr
    exit 1
  }
fi

case $CMD in
  install) _install ;;
  create) _create ;;
  ls) _ls ;;
  add) _add ;;
  get-user) _get_user ;;
  get-pass*) _get_pass ;;
  open) _open ;;
  openx) _openx ;;
  *) _help ;;
esac