package main

import (
	`r00t2.io/vault_totp/internal`
)

type (
	Args struct {
		internal.CommonArgs
		Mounts Mounts  `env-namespace:"VTOTP_MNT" group:"Vault Mounts" namespace:"vmnt"`
		Gen    GenOpts `env-namespace:"VTOTP_GEN" group:"TOTP Seed Generation"`
	}
	Mounts struct {
		Auth     string `env:"AUTHN" short:"a" long:"auth" default:"ldap" description:"The authentication mountpoint for users/entities. Must currently be mounted/configured."`
		TotpPath string `env:"PATH" short:"T" long:"path" default:"admin:totp/{{- (index .aliases 0).name -}}" description:"The <mount>:<path> specifier for where to save the TOTP secret/seed data. It is normally non-retrievable after generation. The mount name must be a pre-existing KVv2 mount. If the secret exists, it will be overwritten/merged at the root secret level. Supports text/template against the data returned by -l/--lookup-only. Set to an explicitly empty string to disable."`
	}
	GenOpts struct {
		Force        bool              `env:"FORCE" short:"f" long:"force" description:"Force regenerating the TOTP seed/secret if already set."`
		Silent       bool              `env:"SHH" short:"s" long:"silent" description:"If specified, do not print the TOTP secret information; only store (-T/--totp-path)/dump (-q/--qr-dir) it."`
		QrDir        string            `env:"QRDIR" short:"q" long:"qr-dir" default:"qr_codes" description:"Use this directory to dump QR codes (relative paths are resolved to runtime's current working directory). The files will be named after the matched -e/--entities."`
		NoQr         bool              `env:"NOQR" short:"Q" long:"disable-qr" description:"If specified, do not dump QR codes to -q/--qr-dir."`
		PrintQr      bool              `env:"PQ" short:"p" long:"print-qr" description:"If specified, QR codes will be printed to the console. Overridden by -s/--silent."`
		EntityLookup map[string]string `env:"ENT" short:"e" long:"entity" required:"yes" description:"The lookup criteria for an entity. At least one MUST be provided. Takes the format of e.g. '-e \"<key>:<val>\"' where <key> is one of 'name', 'id', 'alias_id', or 'alias' and <val> is the matching criteria. (You are likely looking for '-e \"alias:<username>\"'). The entity must exist or already be created."`
		LookupOnly   bool              `env:"DRY" short:"l" long:"lookup-only" description:"If specified, only print the JSON object for the matched entity and exit. This can serve as both guidance for -T/--mnt-totp-path and to ensure you are matching the correct entity."`
		LookupFmt    []string          `env:"LFMT" short:"L" long:"lookup-fmt" choice:"dump" choice:"json" description:"The output format for the result of -l/--lookup-only, if specified. More than one may be specified. The default is 'json'."`
	}
)