#!/usr/bin/python3

from salt.utils.stringutils import get_diff


def fetched(name=None,
            url="http://pki",
            username=None,
            password=None,
            domains=None,
            certfile=None,
            fullcertfile=None,
            keyfile=None):

    ret = {
        'name': name,
        'changes': {},
        'result': False,
        'comment': 'Config is not up to date'
    }

    currentcert = None
    currentkey = None
    domain_concat = ",".join(domains)

    currentcert = __salt__['pki.get_file_content'](checkfile=certfile)
    currentkey = __salt__['pki.get_file_content'](checkfile=keyfile)
    currentfullcert = __salt__['pki.get_file_content'](checkfile=fullcertfile)

    newcert, newkey = __salt__['pki.get_pki_cert'](url=url,
                                                   username=username,
                                                   password=password,
                                                   domains=domain_concat)
    newfullcert = f"{newcert}\n\n{newkey}"

    if all([newcert,newkey,newfullcert]):
        if currentcert != newcert or currentkey != newkey or currentfullcert != newfullcert:
            wcert = __salt__['pki.write_file_content'](newcert, certfile)
            wkey = __salt__['pki.write_file_content'](newkey, keyfile)
            wfullcert = __salt__['pki.write_file_content'](newfullcert, fullcertfile)

            if currentcert and currentkey:
                ret["changes"]["old"] = "\n".join([currentcert, currentkey])
            else:
                ret["changes"]["old"] = ""
            ret["changes"]["new"] = "\n".join([newcert, newkey])
            ret["changes"]["diff"] = get_diff(ret["changes"]["old"],
                                              ret["changes"]["new"])
            ret["comment"] = "Updated certificates and keys"
            ret["result"] = all([wcert, wkey, wfullcert])
        else:
            ret["comment"] = "Config is good and not changed"
            ret["result"] = True
    else:
        ret["comment"] = "Error fetching in certificate / key length"
        return ret

    return ret