(ql:quickload '(:cl-ppcre
				:cl-base64
				:ironclad
				:jsown))

(defpackage #:cl-secninja
  (:use #:common-lisp #:cl #:uiop #:cl-ppcre  #:ironclad #:cl-base64))

(in-package #:cl-secninja)

(defvar *url* "redacted")

(defun run-curl (command)
  (let* ((curl-command (concatenate 'string "curl -i " command))
    (result (uiop:run-program curl-command
                              :output :string
                              :error-output T)))
         result))

(defun one ()
  (let* ((command *url*)
		 (result (run-curl *url*)))
	(format t "~%COMMAND: curl ~a" command)
	(format t "~%RESULT: curl ~a" result)
	(car (ppcre:all-matches-as-strings "\\?.*" result))))

(defun two ()
  (let* ((command (concatenate 'string
							   "\"" *url* (one) "\""))
		 (result (run-curl command)))
	result))

(defun three ()
  (let ((headers (ppcre:all-matches-as-strings "X-.*" (two))))
	(print headers)
	(print (car headers))
	(print (cadr headers))
	(let ((command (concatenate 'string
								"\"" *url* "\?step=2" "\""
								" -H \"" (car headers) "\""
								" -H \"" (cadr headers) "\"")))
	  (let ((result (run-curl command)))
		(format t "~%RESULT: curl ~a" result)
		result))))

(defun four ()
  (let*
	  ((data (three))
	   (input
		 (car (ppcre:all-matches-as-strings "(?sm)\{.*}$" data)))
	   (challenge
		 (string-left-trim "challenge: " (car (ppcre:all-matches-as-strings "challenge:(.*)" data))))
	   (timestamp
		 (string-left-trim "timestamp: " (car (ppcre:all-matches-as-strings "timestamp:(.*)" data))))
	   (sorted (sort (cdr (jsown:parse input)) #'string<= :key #'first))
	   (connected
		 (string-right-trim "\&"
							(format nil "~{~A~}"
									(loop
									  for item in sorted
									  collect
									  (concatenate 'string  (car item) "\=" (cdr item) "\&")))))
	   (hash (sha-256 connected))
	   (command
		 (string-right-trim "\-"
							(concatenate 'string
										 "-X POST \"" *url* "\?step=3" "\""
										 " -H \"Content-Type: application/x-www-form-urlencoded\" "
										 " -d \"challenge=" challenge "\""
										 " -d \"timestamp=" timestamp "\""
										 " -d \"hash=" hash "\""
										 ))))
	(terpri)
	(print challenge)
	(print timestamp)
	(print hash)
	(terpri)
	(format t "~%COMMAND: curl ~a" command)
	(terpri)
	(let ((result (run-curl command)))
	  (format t "~%RESULT: curl ~a" result))
	(terpri)))

(defun sha-256 (str)
  (ironclad:byte-array-to-hex-string
   (ironclad:digest-sequence :sha256
							 (ironclad:ascii-string-to-byte-array str))))

(defvar *email* (alexandria:read-file-into-string "email"))

(defun base64 ()
  (let ((email *email*))
	(loop repeat 100 do
	  (if (ppcre:scan "@" email)
		  (print email)
		  (setf email (cl-base64:base64-string-to-string email))))))