torabkheslat
/
ZiCloud-API


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262
							package main

import (
	"crypto/sha256"
	"crypto/tls"
	"database/sql"
	"encoding/json"
	"fmt"
	"io/ioutil"
	"net/http"
	"net/url"
	"strconv"
	"strings"
	"sync"
	"time"

	"github.com/dchest/uniuri"

	"github.com/dgrijalva/jwt-go"
	"github.com/labstack/echo"
)

type handler struct{}
type userInfo struct {
	Error     interface{} `json:"error"`
	ID        int         `json:"id"`
	Principal string      `json:"principal"`
	Result    struct {
		Result struct {
			Cn               []string `json:"cn"`
			Displayname      []string `json:"displayname"`
			Dn               string   `json:"dn"`
			Gecos            []string `json:"gecos"`
			Gidnumber        []string `json:"gidnumber"`
			Givenname        []string `json:"givenname"`
			HasKeytab        bool     `json:"has_keytab"`
			HasPassword      bool     `json:"has_password"`
			Homedirectory    []string `json:"homedirectory"`
			Initials         []string `json:"initials"`
			Ipauniqueid      []string `json:"ipauniqueid"`
			Krbcanonicalname []string `json:"krbcanonicalname"`
			Krbextradata     []struct {
				Base64 string `json:"__base64__"`
			} `json:"krbextradata"`
			Krblastfailedauth []struct {
				Datetime string `json:"__datetime__"`
			} `json:"krblastfailedauth"`
			Krblastpwdchange []struct {
				Datetime string `json:"__datetime__"`
			} `json:"krblastpwdchange"`
			Krbloginfailedcount   []string `json:"krbloginfailedcount"`
			Krbpasswordexpiration []struct {
				Datetime string `json:"__datetime__"`
			} `json:"krbpasswordexpiration"`
			Krbprincipalname      []string `json:"krbprincipalname"`
			Krbpwdpolicyreference []string `json:"krbpwdpolicyreference"`
			Loginshell            []string `json:"loginshell"`
			Mail                  []string `json:"mail"`
			MemberofGroup         []string `json:"memberof_group"`
			Mepmanagedentry       []string `json:"mepmanagedentry"`
			Mobile                []string `json:"mobile"`
			Nsaccountlock         bool     `json:"nsaccountlock"`
			Objectclass           []string `json:"objectclass"`
			Pager                 []string `json:"pager"`
			Preserved             bool     `json:"preserved"`
			Sn                    []string `json:"sn"`
			Telephonenumber       []string `json:"telephonenumber"`
			UID                   []string `json:"uid"`
			Uidnumber             []string `json:"uidnumber"`
		} `json:"result"`
		Summary interface{} `json:"summary"`
		Value   string      `json:"value"`
	} `json:"result"`
	Version string `json:"version"`
}

//type userInfo struct {
//	Result struct {
//		Result struct {
//			Sshpubkeyfp      []string `json:"sshpubkeyfp"`
//			HasKeytab        bool     `json:"has_keytab"`
//			Ipasshpubkey     []string `json:"ipasshpubkey"`
//			Cn               []string `json:"cn"`
//			Krbcanonicalname []string `json:"krbcanonicalname"`
//			Krbticketflags   []string `json:"krbticketflags"`
//			MemberofGroup    []string `json:"memberof_group"`
//			HasPassword      bool     `json:"has_password"`
//			Homedirectory    []string `json:"homedirectory"`
//			Nsaccountlock    bool     `json:"nsaccountlock"`
//			UID              []string `json:"uid"`
//			Title            []string `json:"title"`
//			Loginshell       []string `json:"loginshell"`
//			Uidnumber        []string `json:"uidnumber"`
//			Preserved        bool     `json:"preserved"`
//			Krbextradata     []struct {
//				Base64 string `json:"__base64__"`
//			} `json:"krbextradata"`
//			Mail                     []string `json:"mail"`
//			MemberofindirectHbacrule []string `json:"memberofindirect_hbacrule"`
//			Dn                       string   `json:"dn"`
//			Displayname              []string `json:"displayname"`
//			Mepmanagedentry          []string `json:"mepmanagedentry"`
//			Ipauniqueid              []string `json:"ipauniqueid"`
//			Krbloginfailedcount      []string `json:"krbloginfailedcount"`
//			Krbpwdpolicyreference    []string `json:"krbpwdpolicyreference"`
//			Krbprincipalname         []string `json:"krbprincipalname"`
//			Givenname                []string `json:"givenname"`
//			Krblastadminunlock       []struct {
//				Datetime string `json:"__datetime__"`
//			} `json:"krblastadminunlock"`
//			Krbpasswordexpiration []struct {
//				Datetime string `json:"__datetime__"`
//			} `json:"krbpasswordexpiration"`
//			Krblastfailedauth []struct {
//				Datetime string `json:"__datetime__"`
//			} `json:"krblastfailedauth"`
//			Objectclass      []string `json:"objectclass"`
//			Gidnumber        []string `json:"gidnumber"`
//			Gecos            []string `json:"gecos"`
//			Sn               []string `json:"sn"`
//			MemberofSudorule []string `json:"memberof_sudorule"`
//			Krblastpwdchange []struct {
//				Datetime string `json:"__datetime__"`
//			} `json:"krblastpwdchange"`
//			Initials []string `json:"initials"`
//		} `json:"result"`
//		Value   string      `json:"value"`
//		Summary interface{} `json:"summary"`
//	} `json:"result"`
//	Version   string      `json:"version"`
//	Error     interface{} `json:"error"`
//	ID        int         `json:"id"`
//	Principal string      `json:"principal"`
//}
type ServiceList struct {
	TotalCount    string `json:"TotalCount,omitempty"`
	ActiveCount   string `json:"ActiveCount,omitempty"`
	ActiveVMCount string `json:"ActiveVMCount,omitempty"`
	TotalVMCount  string `json:"TotalVMCount,omitempty"`
}
type user_findResult struct {
	Error     interface{} `json:"error"`
	ID        int         `json:"id"`
	Principal string      `json:"principal"`
	Result    struct {
		Count  int `json:"count"`
		Result []struct {
			Dn               string   `json:"dn"`
			Gidnumber        []string `json:"gidnumber"`
			Givenname        []string `json:"givenname"`
			Homedirectory    []string `json:"homedirectory"`
			Krbcanonicalname []string `json:"krbcanonicalname"`
			Krbprincipalname []string `json:"krbprincipalname"`
			Loginshell       []string `json:"loginshell"`
			Mail             []string `json:"mail"`
			Nsaccountlock    bool     `json:"nsaccountlock"`
			Sn               []string `json:"sn"`
			Telephonenumber  []string `json:"telephonenumber"`
			UID              []string `json:"uid"`
			Uidnumber        []string `json:"uidnumber"`
		} `json:"result"`
		Summary   string `json:"summary"`
		Truncated bool   `json:"truncated"`
	} `json:"result"`
	Version string `json:"version"`
}

var User = userInfo{}

func (h *handler) login(c echo.Context) error {
	username := c.FormValue("username")
	password := c.FormValue("password")
	_url := URL + "/ipa/session/login_password"
	method := "POST"
	params := url.Values{}
	params.Add("user", username)
	params.Add("password", password)
	payload := strings.NewReader(params.Encode())
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, _url, payload)
	audit("Recieved Login request from: " + RealIP)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Add("Accept", "text/plain")
	res, err := client.Do(req)
	cockie := res.Cookies()
	token := cockie[0].Raw
	ba := basicAuth(username, password)
	token = token + "Basic " + ba + ";"
	//fmt.Println("Token:", token)
	defer res.Body.Close()
	//fmt.Println(res.StatusCode)
	if res.StatusCode == 200 {
		User = getUserInfo(token, username)
		//fmt.Println(user.Result)
		tokens, err := generateTokenPair(User, token)
		if err != nil {
			return err
		}

		return c.JSON(http.StatusOK, tokens)
	}

	return echo.ErrUnauthorized
}
func getUserInfo(token string, username string) userInfo {
	//fmt.Println("Checking for User: ", username)
	url := URL + "/ipa/session/json"
	method := "POST"
	_json := fmt.Sprintf(`
{
    "method": "user_show",
    "params": [
        [
            "%s"
        ],
        {
            "all": true,
            "version": "2.215"
        }
    ],
    "id": 0
}
`, username)

	payload := strings.NewReader(_json)
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, url, payload)

	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	res, err := client.Do(req)
	defer res.Body.Close()
	body, err := ioutil.ReadAll(res.Body)
	//fmt.Println("Getting Data for Response: ", body)
	user := userInfo{}
	json.Unmarshal(body, &user)
	//fmt.Println("Getting Data for User: ", user.Result.Result.Uidnumber)
	return user
}
func (h *handler) uuidgen(c echo.Context) error {
	resource := c.FormValue("resource")
	id, code := uuidgen(resource)

	resp := _response{
		Origin:  "uuidgen",
		Message: id,
		Code:    code,
	}
	//b, _ := json.MarshalIndent(resp, "", "  ")
	//return c.String(http.StatusOK, string(b))
	return c.JSON(http.StatusOK, resp)
}
func (h *handler) addUser(c echo.Context) error {
	type apiErr struct {
		Result interface{} `json:"result"`
		Error  struct {
			Code    int    `json:"code"`
			Message string `json:"message"`
			Data    struct {
			} `json:"data"`
			Name string `json:"name"`
		} `json:"error"`
		ID        int    `json:"id"`
		Principal string `json:"principal"`
		Version   string `json:"version"`
	}
	type addUser struct {
		Result struct {
			Result struct {
				Displayname           []string `json:"displayname"`
				UID                   []string `json:"uid"`
				Uidnumber             []string `json:"uidnumber"`
				Objectclass           []string `json:"objectclass"`
				Sn                    []string `json:"sn"`
				Telephonenumber       []string `json:"telephonenumber"`
				Cn                    []string `json:"cn"`
				Krbpasswordexpiration []struct {
					Datetime string `json:"__datetime__"`
				} `json:"krbpasswordexpiration"`
				Mobile           []string `json:"mobile"`
				Krbprincipalname []string `json:"krbprincipalname"`
				Ipauniqueid      []string `json:"ipauniqueid"`
				Givenname        []string `json:"givenname"`
				Gidnumber        []string `json:"gidnumber"`
				Krbcanonicalname []string `json:"krbcanonicalname"`
				Mail             []string `json:"mail"`
				Initials         []string `json:"initials"`
				Homedirectory    []string `json:"homedirectory"`
				Loginshell       []string `json:"loginshell"`
				Gecos            []string `json:"gecos"`
				Randompassword   string   `json:"randompassword"`
				HasPassword      bool     `json:"has_password"`
				HasKeytab        bool     `json:"has_keytab"`
				MemberofGroup    []string `json:"memberof_group"`
				Dn               string   `json:"dn"`
			} `json:"result"`
			Value   string `json:"value"`
			Summary string `json:"summary"`
		} `json:"result"`
		Error     string `json:"error"`
		ID        int    `json:"id"`
		Principal string `json:"principal"`
		Version   string `json:"version"`
	}
	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	b, err := json.Marshal(claims)
	if err != nil {
		fmt.Println("err:", err)
	}
	//fmt.Println("AddUser Claims: ", claims)
	//fmt.Println("AddUser token: ", token)
	username := c.FormValue("Username")
	sha256 := sha256.Sum256([]byte(username))
	var hashChannel = make(chan []byte, 1)
	hashChannel <- sha256[:]
	ciphertext := encrypt(<-hashChannel, string(b))
	//fmt.Println("B: ", string(b))
	//fmt.Println("Ciphere: ", ciphertext)
	sn := c.FormValue("Lname")
	cn := c.FormValue("FullName")
	givenname := c.FormValue("Fname")
	displayname := c.FormValue("displayname")
	krbpasswordexpiration := c.FormValue("krbpasswordexpiration")
	mail := c.FormValue("mail")
	telephonenumber := c.FormValue("telephonenumber")
	mobile := c.FormValue("mobile")
	pager := c.FormValue("nationalID")
	_url := URL + "/ipa/session/json"
	method := "POST"
	_json := fmt.Sprintf(`
{
    "id": 0,
    "method": "user_add/1",
    "params": [
        [
            "%s"
        ],
        {
            "givenname": "%s",
            "sn": "%s",
            "cn":"%s",
            "displayname":"%s",
            "loginshell":"/usr/sbin/nologin",
            "krbpasswordexpiration":"%s",
            "mail":"%s",
            "random":"true",
            "gidnumber":"599200001",
            "telephonenumber":"%s",
            "mobile":"%s",
            "pager":"%s",
            "version": "2.235"
        }
    ]
}
`, username, givenname, sn, cn, displayname, krbpasswordexpiration, mail, telephonenumber, mobile, pager)
	__json := fmt.Sprintf(`
{
    "id": 0,
    "method": "group_add_member/1",
    "params": [
        [
            "svcaccounts"
        ],
        {
            "user": [
                "%s"
            ],
            "version": "2.235"
        }
    ]
}
`, username)
	payload := strings.NewReader(_json)
	_payload := strings.NewReader(__json)
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, _url, payload)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	res, err := client.Do(req)
	_req, _ := http.NewRequest(method, _url, _payload)
	_req.Header.Add("Referer", URL+"/ipa")
	_req.Header.Add("Content-Type", "application/json")
	_req.Header.Add("Accept", "text/plain")
	_req.Header.Add("Cookie", token)
	client.Do(_req)
	defer res.Body.Close()
	body, err := ioutil.ReadAll(res.Body)
	result := addUser{}
	_err := json.Unmarshal(body, &result)
	//	fmt.Println(result)
	if _err != nil {
		_apiErr := apiErr{}
		__err := json.Unmarshal(body, &_apiErr)
		if __err != nil {
			return c.String(http.StatusBadRequest, "Error of error!!")
		}
		//res2B, _ := json.Marshal(_apiErr)
		//return c.String(http.StatusBadRequest, string(res2B))
		resp := _response{
			Origin:  "AddUser",
			Message: _apiErr.Error.Name + ": " + _apiErr.Error.Message,
			Code:    _apiErr.Error.Code,
		}
		return c.JSON(http.StatusNotFound, resp)
		//return c.JSON(http.StatusBadRequest, _apiErr)
	}
	shortLink := setResetKey(ciphertext, username)
	go sendMail("Welcome to ZiCloud\r\n Your temporary link is :\r\n http://zi-cloud.ir/reset/"+url.QueryEscape(shortLink), "Welcome to ZiCloud", mail, nil)
	//go sendMail("Welcome to ZiCloud\r\n Your temporary link is :\r\n https://zicloud.com/reset/"+url.QueryEscape(ciphertext), "Welcome to ZiCloud", mail)
	resp := _response{
		Origin:  "addUser",
		Message: "Done, Reset Link was sent to your email",
		Code:    1000,
	}
	//b, _ = json.MarshalIndent(resp, "", "  ")
	//return c.String(http.StatusOK, string(b))
	return c.JSON(http.StatusOK, resp)
}
func (h *handler) disableUser(c echo.Context) error {
	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	username := c.FormValue("Username")
	url := URL + "/ipa/session/json"
	method := "POST"
	_json := fmt.Sprintf(`
{
    "id": 0,
    "method": "user_disable/1",
    "params": [
        [
            "%s"
        ],
        {
            "version": "2.235"
        }
    ]
}
`, username)
	payload := strings.NewReader(_json)
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, url, payload)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	res, err := client.Do(req)
	if err != nil {
		//return c.String(http.StatusBadRequest, "Error"+err.Error())
		return c.JSON(http.StatusOK, "Error"+err.Error())
	}
	defer res.Body.Close()
	resp := _response{
		Origin:  "disableUser",
		Message: "Done",
		Code:    1000,
	}
	//b, _ := json.MarshalIndent(resp, "", "  ")
	return c.JSON(http.StatusOK, resp)
	//return c.String(http.StatusOK, string(b))
}
func (h *handler) resetUser(c echo.Context) error {
	type keyJson struct {
		IPAToken string   `json:"IPAToken"`
		Admin    bool     `json:"admin"`
		Exp      int      `json:"exp"`
		Memberof []string `json:"memberof"`
		Name     string   `json:"name"`
		Sub      int      `json:"sub"`
	}
	t := time.Now() //%Y%m%d%H%M%SZ
	t = t.Add(time.Hour * 24 * 60)
	//username := c.FormValue("Username")
	password := c.FormValue("Password")
	short := c.FormValue("key")
	key, username := getResetKey(short)
	if len(key) < 5 {
		resp := _response{
			Origin:  "resetUser",
			Message: "Link has been expired",
			Code:    1001,
		}
		//b, _ := json.MarshalIndent(resp, "", "  ")
		return c.JSON(http.StatusOK, resp)
	}
	//key, _ = url.QueryUnescape(key)
	_sha256 := sha256.Sum256([]byte(username))
	var hashChannel = make(chan []byte, 1)
	hashChannel <- _sha256[:]
	plainkey := decrypt(<-hashChannel, key)
	_plainkey := keyJson{}
	json.Unmarshal([]byte(plainkey), &_plainkey)
	_name := _plainkey.Name
	//_sha256 := sha256.Sum256([]byte(string("")))
	var hashChannel_ = make(chan []byte, 1)
	__sha256 := sha256.Sum256([]byte(_name))
	hashChannel_ <- __sha256[:]
	token := decrypt(<-hashChannel_, string(_plainkey.IPAToken))
	//	token := _plainkey.IPAToken
	_url := URL + "/ipa/session/json"
	method := "POST"
	_json := fmt.Sprintf(`
{
    "id": 0,
    "method": "user_mod/1",
    "params": [
        [
            "%s"
        ],
        {
			"userpassword":"%s",
            "version": "2.235"
        }
    ]
}
`, username, password)
	payload := strings.NewReader(_json)
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, _url, payload)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	res, err := client.Do(req)
	//fmt.Println(token)
	//fmt.Println(_json)
	//fmt.Println(req)
	//fmt.Println(res)
	_json = fmt.Sprintf(`
{
    "id": 0,
    "method": "user_mod/1",
    "params": [
        [
            "%s"
        ],
        {
            "krbpasswordexpiration":"%s",
            "version": "2.235"
        }
    ]
}
`, username, t.Format("2006-01-02")+"Z")
	payload = strings.NewReader(_json)
	req, err = http.NewRequest(method, _url, payload)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	err = nil
	res, err = client.Do(req)
	//fmt.Println(token)
	//fmt.Println(_json)
	//fmt.Println(req)
	//fmt.Println(res)
	if err != nil {
		//return c.String(http.StatusBadRequest, "Error"+err.Error())
		return c.JSON(http.StatusBadRequest, "Error"+err.Error())
	}
	defer res.Body.Close()
	resp := _response{
		Origin:  "resetUser",
		Message: "Done",
		Code:    1000,
	}
	expireResetKey(username)
	//b, _ := json.MarshalIndent(resp, "", "  ")
	return c.JSON(http.StatusOK, resp)
	//return c.String(http.StatusOK, string(b))
}
func (h *handler) dnsrecordadd(c echo.Context) error {
	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	recordName := c.FormValue("recordName")
	record := c.FormValue("record")
	url := URL + "/ipa/session/json"
	method := "POST"
	_json := fmt.Sprintf(`
{
    "id": 0,
    "method": "dnsrecord_add/1",
    "params": [
        [
            "ZI-TEL.COM",
            {
                "__dns_name__": "%s"
            }
        ],
        {
            "a_part_ip_address": "%s",
            "raw": true,
            "version": "2.235"
        }
    ]
}
`, recordName, record)
	payload := strings.NewReader(_json)
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, url, payload)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	res, err := client.Do(req)
	if err != nil {
		//return c.String(http.StatusBadRequest, "Error"+err.Error())
		return c.JSON(http.StatusBadRequest, "Error"+err.Error())
	}
	//body, err := ioutil.ReadAll(res.Body)
	//_res:=result{}
	//json.Unmarshal(body, &_res)
	//fmt.Println(_res)
	defer res.Body.Close()
	resp := _response{
		Origin:  "dnsrecordadd",
		Message: "Done",
		Code:    1000,
	}
	//b, _ := json.MarshalIndent(resp, "", "  ")
	return c.JSON(http.StatusOK, resp)
	//return c.String(http.StatusOK, string(b))
}
func (h *handler) token(c echo.Context) error {
	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	username := claims["name"].(string)
	//fmt.Println("User: ",username)
	//fmt.Println("Token : ",token)
	_user := getUserInfo(token, username)
	fmt.Println("User: ", _user.Result.Summary)
	newtokens, err := generateTokenPair(_user, token)
	if err != nil {
		return err
	}
	return c.JSON(http.StatusOK, newtokens)
}
func (h *handler) verifyUser(c echo.Context) error {
	name := c.FormValue("Username")
	//fmt.Println("Name: ", name)
	if name == "" {
		return c.JSON(http.StatusNotFound, "User NOT Found")
	}
	username := "admin"
	password := "h?_QJp5^&9FNc9w="
	_url := URL + "/ipa/session/login_password"
	method := "POST"
	params := url.Values{}
	///TODO: remove admin password
	params.Add("user", username)
	params.Add("password", password)
	payload := strings.NewReader(params.Encode())
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, _url, payload)
	audit("Recieved Login request from: " + RealIP)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Add("Accept", "text/plain")
	res, err := client.Do(req)
	cockie := res.Cookies()
	token := cockie[0].Raw
	defer res.Body.Close()
	//fmt.Println(token)
	if res.StatusCode == 200 {
		user := getUserInfo(token, name)
		if user.Result.Value != name {
			resp := _response{
				Origin:  "VerifyUser",
				Message: "User Not Found",
				Code:    1000,
			}
			//b, _errr := json.MarshalIndent(resp, "", "  ")
			//b, _= json.Marshal(resp)
			//if _errr != nil {
			//	fmt.Println(_errr)
			//}
			//fmt.Print(string(b))
			return c.JSON(http.StatusOK, resp)
		}
	}
	resp := _response{
		Origin:  "VerifyUser",
		Message: "User Found",
		Code:    1001,
	}
	//b, _ := json.MarshalIndent(resp, "", "  ")

	return c.JSON(http.StatusNotFound, resp)
}
func (h *handler) forgetpassword(c echo.Context) error {

	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	_type := c.FormValue("type")
	_data := c.FormValue("data")
	url := URL + "/ipa/session/json"
	method := "POST"
	__type, _ := strconv.Atoi(_type)
	_json := ""
	if __type == 1 {
		// email
		_json = fmt.Sprintf(`
{
  "id": 0,
    "method": "user_find/1",
    "params": [
        [],
        {
            "mail": [
                "%s"
            ],
            "version": "2.235"
        }
    ]
}
`, _data)
	} else if __type == 2 {
		// username
		_json = fmt.Sprintf(`
{
  "id": 0,
    "method": "user_find/1",
    "params": [
        [
            "%s"
        ],
        {
            "version": "2.235"
        }
    ]
}
`, _data)
	} else if __type == 3 {
		//mobile
		_json = fmt.Sprintf(`
{
    "id": 0,
    "method": "user_find/1",
    "params": [
        [],
        {
            "mobile": [
                "%s"
            ],
            "version": "2.235"
        }
    ]
}
`, _data)

	} else {
		resp := _response{
			Origin:  "forgetpassword",
			Message: "unknown requested type",
			Code:    1001,
		}
		return c.JSON(http.StatusNotFound, resp)
	}
	//fmt.Println(_json)
	payload := strings.NewReader(_json)
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, url, payload)

	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	res, err := client.Do(req)
	defer res.Body.Close()
	body, err := ioutil.ReadAll(res.Body)
	//fmt.Println("Getting Data for Response: ", body)
	_user := user_findResult{}
	json.Unmarshal(body, &_user)
	fmt.Println("find in forgetpass : ", _user.Result.Count)
	if _user.Result.Count != 1 {
		resp := _response{
			Origin:  "forgetpassword",
			Message: "Something goes wrong",
			Code:    1001,
		}
		return c.JSON(http.StatusNotFound, resp)
	}
	b, err := json.Marshal(claims)
	if err != nil {
		fmt.Println("err:", err)
	}
	//fmt.Println("AddUser Claims: ", claims)
	//fmt.Println("AddUser token: ", token)
	username := _user.Result.Result[0].UID[0]
	sha256 := sha256.Sum256([]byte(username))
	var hashChannel = make(chan []byte, 1)
	hashChannel <- sha256[:]
	ciphertext := encrypt(<-hashChannel, string(b))
	shortLink := setResetKey(ciphertext, username)
	key, _ := getResetKey(username)
	if len(key) > 5 {
		resp := _response{
			Origin:  "forgetpassword",
			Message: "A resetLink request with this email already exists",
			Code:    1003,
		}
		return c.JSON(http.StatusNotFound, resp)
	}
	go sendMail("Your temporary link is :\r\n https://zi-cloud.ir/reset/"+shortLink, "ResetPassword Link", _user.Result.Result[0].Mail[0], nil)

	resp := _response{
		Origin:  "forgetpassword",
		Message: "You will receive an email with a link to reset your password",
		Code:    1000,
	}
	return c.JSON(http.StatusNotFound, resp)
}
func setResetKey(key string, username string) string {
	short := uniuri.NewLen(32)
	db, err := sql.Open("mysql", MySQLUSER+":"+MySQLPASS+"@tcp(127.0.0.1:3306)/zicloud")
	if err != nil {
		return ""
	}
	defer db.Close()
	insert, err := db.Query("INSERT INTO url_shortener VALUES ( '" + short + "'," +
		"'" + key + "'," +
		"NOW() + INTERVAL 1 HOUR" + "," +
		"'" + "setResetKey" + "'," +
		"'" + username + "'," +
		"1" +
		" )")
	defer insert.Close()
	return short
}
func getResetKey(short string) (string, string) {
	db, _ := sql.Open("mysql", MySQLUSER+":"+MySQLPASS+"@tcp(127.0.0.1:3306)/zicloud")
	results, _ := db.Query("SELECT `long` as `long`, related_obj as username FROM url_shortener where active=1 and short='" + short + "' and expiration > NOW()")
	var key, username string
	for results.Next() {
		err := results.Scan(&key, &username)
		if err != nil {
			return "ERR", "ERR"
		}
	}

	return key, username
}
func expireResetKey(username string) {
	db, err := sql.Open("mysql", MySQLUSER+":"+MySQLPASS+"@tcp(127.0.0.1:3306)/zicloud")
	if err != nil {
		return
	}
	update, err := db.Query("update url_shortener set active='0' where related_obj='" + username + "'")
	defer db.Close()
	defer update.Close()

}
func (h *handler) ListServices(c echo.Context) error {
	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	//IPAUid:=claims["IPAUid"]
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	_BA := strings.Split(token, ";")
	BA := _BA[len(_BA)-2]
	db, _ := sql.Open("mysql", MySQLUSER+":"+MySQLPASS+"@tcp(127.0.0.1:3306)/zicloud")
	results, _ := db.Query("SELECT `type` as `type`, uuid as Service_uuid , active , objectName FROM service_profile where uid=" + claims["IPAUid"].(string) + " and active!='-1'")
	activeCount := 0
	totalCount := 0
	activeVMCount := 0
	totalVMCount := 0
	var cpu, mem float64
	var _type, service_uuid, active, objectName string
	///TODO: too SLOW
	var wg sync.WaitGroup
	for results.Next() {
		err := results.Scan(&_type, &service_uuid, &active, &objectName)
		if err != nil {
			resp := _response{
				Origin:  "ListServices",
				Message: "Listing Error",
				Code:    1001,
			}
			//b, _ := json.MarshalIndent(resp, "", "  ")
			return c.JSON(http.StatusInternalServerError, resp)
		}
		if _type == "VM" {
			if active == "1" {
				wg.Add(1)
				go func(activeCount *int, activeVMCount *int, cpu *float64, mem *float64, totalCount *int, totalVMCount *int, suid string) {
					_, _cpu, _mem, err := vmStatistics(BA, suid)
					defer wg.Done()
					//fmt.Println("Service UUID: ",suid)
					if err != nil {
						//fmt.Println("Error in vmDetails : ", err)
						//continue
						*totalVMCount--
						*totalCount--
						return
					}
					*activeCount++
					*activeVMCount++
					*cpu += _cpu
					*mem += _mem
				}(&activeCount, &activeVMCount, &cpu, &mem, &totalCount, &totalVMCount, service_uuid)
				//_, _cpu, _mem, err := vmStatistics(BA, service_uuid)
				//if err != nil {
				//	fmt.Println("Error in vmDetails : ", err)
				//	continue
				//}
				//activeCount++
				//fmt.Println("activeCount:", activeCount)
				//fmt.Println(vmStatistics(BA,service_uuid))
				//activeVMCount++
				//cpu += _cpu
				//mem += _mem
			}
			totalCount++
			totalVMCount++
		}
	}
	wg.Wait()
	//fmt.Println(activeVMCount)
	//fmt.Println(activeCount)
	//fmt.Println(totalCount)
	//fmt.Println(totalVMCount)
	//SL := ServiceList{
	//	TotalCount:    string(totalCount),
	//	ActiveCount:   string(activeCount),
	//	ActiveVMCount: string(activeVMCount),
	//	TotalVMCount:  string(totalVMCount),
	//}
	type AutoGenerated struct {
		Message struct {
			TotalCount    string `json:"TotalCount"`
			ActiveCount   string `json:"ActiveCount"`
			ActiveVMCount string `json:"ActiveVMCount"`
			TotalVMCount  string `json:"TotalVMCount"`
			TotalCPUUsage string `json:"TotalCPUUsage"`
			TotalMemUsage string `json:"TotalMemUsage"`
		} `json:"message"`
		Origin string `json:"origin"`
		Code   int    `json:"code"`
	}
	resp := AutoGenerated{
		Message: struct {
			TotalCount    string `json:"TotalCount"`
			ActiveCount   string `json:"ActiveCount"`
			ActiveVMCount string `json:"ActiveVMCount"`
			TotalVMCount  string `json:"TotalVMCount"`
			TotalCPUUsage string `json:"TotalCPUUsage"`
			TotalMemUsage string `json:"TotalMemUsage"`
		}{
			TotalCount:    strconv.Itoa(totalCount),
			ActiveCount:   strconv.Itoa(activeCount),
			ActiveVMCount: strconv.Itoa(activeVMCount),
			TotalVMCount:  strconv.Itoa(totalVMCount),
			TotalCPUUsage: fmt.Sprintf("%f", 100*cpu/float64(activeVMCount)),
			TotalMemUsage: fmt.Sprintf("%f", 100*mem/float64(activeVMCount)),
		},
		Origin: "ListServices",
		Code:   1000,
	}
	return c.JSON(http.StatusOK, resp)
}
func (h *handler) PriceCalc(c echo.Context) error {
	user := c.Get("user").(*jwt.Token)
	db, _ := sql.Open("mysql", MySQLUSER+":"+MySQLPASS+"@tcp(127.0.0.1:3306)/zicloud")
	_, _ = db.Query("SELECT uuid as UUID ,task_apiCall as TaskAPICall , cron_expression as CronExpression , related_uuid as Ruuid, type FROM scheduler where active=1")
	_, _ = db.Query("SELECT uuid as UUID ,task_apiCall as TaskAPICall , cron_expression as CronExpression , related_uuid as Ruuid, type FROM scheduler where active=1")
	_, _ = db.Query("SELECT uuid as UUID ,task_apiCall as TaskAPICall , cron_expression as CronExpression , related_uuid as Ruuid, type FROM scheduler where active=1")
	db.Close()
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	//token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	cpu, _ := strconv.Atoi(c.FormValue("cpu"))
	mem, _ := strconv.Atoi(c.FormValue("mem"))
	hdd, _ := strconv.Atoi(c.FormValue("hdd"))
	nic, _ := strconv.Atoi(c.FormValue("nic"))
	period, _ := strconv.Atoi(c.FormValue("period"))
	type PriceCalculator struct {
		Data struct {
			TotalPrice string `json:"TotalPrice"`
		} `json:"message"`
		Origin string `json:"origin"`
		Code   int    `json:"code"`
	}
	resp := PriceCalculator{
		Data: struct {
			TotalPrice string `json:"TotalPrice"`
		}{TotalPrice: strconv.Itoa((cpu*500 + mem + 10 + hdd*19 + nic*10000) * period)},
		Origin: "PriceCalc",
		Code:   1000,
	}
	return c.JSON(http.StatusOK, resp)
}
func (h *handler) showUser(c echo.Context) error {

	type response struct {
		Message struct {
			Username   string `json:"Username"`
			Firstname  string `json:"Firstname"`
			LastName   string `json:"LastName"`
			PhoneNo    string `json:"PhoneNo."`
			NationalID string `json:"NationalID"`
			Email      string `json:"email"`
		} `json:"message"`
		Origin string `json:"origin"`
		Code   int    `json:"code"`
	}
	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	userName := c.FormValue("username")
	_userInfo := getUserInfo(token, userName)
	///TODO: handle uncompleted profiles
	if _userInfo.Error != nil {
		//fmt.Println("Error on ListVM",err)
		//return CPUPrice, memPrice, StoragePrice, IPPrice, extraBWPrice
		resp := _response{
			Origin:  "showUser",
			Message: "Error in Showing User",
			Code:    1001,
		}
		return c.JSON(http.StatusInternalServerError, resp)
	}
	userInfo := response{
		Message: struct {
			Username   string `json:"Username"`
			Firstname  string `json:"Firstname"`
			LastName   string `json:"LastName"`
			PhoneNo    string `json:"PhoneNo."`
			NationalID string `json:"NationalID"`
			Email      string `json:"email"`
		}{
			Username:   _userInfo.Result.Result.UID[0],
			Firstname:  _userInfo.Result.Result.Givenname[0],
			LastName:   _userInfo.Result.Result.Sn[0],
			PhoneNo:    _userInfo.Result.Result.Mobile[0],
			NationalID: _userInfo.Result.Result.Pager[0],
			Email:      _userInfo.Result.Result.Mail[0],
		},
		Origin: "showUser",
		Code:   1000,
	}
	return c.JSON(http.StatusOK, userInfo)
}
func (h *handler) editUser(c echo.Context) error {
	type apiErr struct {
		Result interface{} `json:"result"`
		Error  struct {
			Code    int    `json:"code"`
			Message string `json:"message"`
			Data    struct {
			} `json:"data"`
			Name string `json:"name"`
		} `json:"error"`
		ID        int    `json:"id"`
		Principal string `json:"principal"`
		Version   string `json:"version"`
	}
	type editUser struct {
		Result struct {
			Result struct {
				Displayname           []string `json:"displayname"`
				UID                   []string `json:"uid"`
				Uidnumber             []string `json:"uidnumber"`
				Objectclass           []string `json:"objectclass"`
				Sn                    []string `json:"sn"`
				Telephonenumber       []string `json:"telephonenumber"`
				Cn                    []string `json:"cn"`
				Krbpasswordexpiration []struct {
					Datetime string `json:"__datetime__"`
				} `json:"krbpasswordexpiration"`
				Mobile           []string `json:"mobile"`
				Krbprincipalname []string `json:"krbprincipalname"`
				Ipauniqueid      []string `json:"ipauniqueid"`
				Givenname        []string `json:"givenname"`
				Gidnumber        []string `json:"gidnumber"`
				Krbcanonicalname []string `json:"krbcanonicalname"`
				Mail             []string `json:"mail"`
				Initials         []string `json:"initials"`
				Homedirectory    []string `json:"homedirectory"`
				Loginshell       []string `json:"loginshell"`
				Gecos            []string `json:"gecos"`
				Randompassword   string   `json:"randompassword"`
				HasPassword      bool     `json:"has_password"`
				HasKeytab        bool     `json:"has_keytab"`
				MemberofGroup    []string `json:"memberof_group"`
				Dn               string   `json:"dn"`
			} `json:"result"`
			Value   string `json:"value"`
			Summary string `json:"summary"`
		} `json:"result"`
		Error     string `json:"error"`
		ID        int    `json:"id"`
		Principal string `json:"principal"`
		Version   string `json:"version"`
	}
	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	username := c.FormValue("Username")
	sha256 := sha256.Sum256([]byte(username))
	var hashChannel = make(chan []byte, 1)
	hashChannel <- sha256[:]
	sn := c.FormValue("Lname")
	cn := c.FormValue("FullName")
	givenname := c.FormValue("Fname")
	mail := c.FormValue("mail")
	telephonenumber := c.FormValue("telephonenumber")
	mobile := c.FormValue("mobile")
	pager := c.FormValue("nationalID")
	_url := URL + "/ipa/session/json"
	method := "POST"
	_json := fmt.Sprintf(`
{
    "id": 0,
    "method": "user_mod/1",
    "params": [
        [
            "%s"
        ],
        {
            "cn": "%s",
            "givenname": "%s",
            "mail": [
                "%s"
            ],
            "mobile": [
                "%s"
            ],
            "pager": [
                "%s"
            ],
            "sn": "%s",
            "telephonenumber": [
                "%s"
            ],
            "version": "2.235"
        }
    ]
}
`, username, cn, givenname, mail, mobile, pager, sn, telephonenumber)
	payload := strings.NewReader(_json)
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, _url, payload)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	res, err := client.Do(req)
	defer res.Body.Close()
	body, err := ioutil.ReadAll(res.Body)
	result := editUser{}
	_err := json.Unmarshal(body, &result)
	if _err != nil {
		_apiErr := apiErr{}
		__err := json.Unmarshal(body, &_apiErr)
		if __err != nil {
			return c.String(http.StatusBadRequest, "Error of error!!")
		}
		resp := _response{
			Origin:  "editUser",
			Message: _apiErr.Error.Name + ": " + _apiErr.Error.Message,
			Code:    _apiErr.Error.Code,
		}
		return c.JSON(http.StatusNotFound, resp)
	}
	resp := _response{
		Origin:  "editUser",
		Message: "Done",
		Code:    1000,
	}
	return c.JSON(http.StatusOK, resp)
}