# -*-shell-script-*-
# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)

# Monkeysphere update_authorized_keys subcommand
#
# The monkeysphere scripts are written by:
# Jameson Rollins <jrollins@finestructure.net>
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
# They are Copyright 2010, and are all released under the GPL, version
# 3 or later.

update_authorized_keys() {
    local newUmask
    local tmpFile

    if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then
	log error "empty or absent authorized_user_ids file."
	failure
    fi
    check_key_file_permissions $(whoami) "$AUTHORIZED_USER_IDS" \
	|| failure "Bad permissions governing authorized_user_ids file '$AUTHORIZED_USER_IDS'"

    # touch the authorized_keys file so that the file permission check
    # below won't fail upon not finding the file
    touch_key_file_or_fail "$AUTHORIZED_KEYS"
    check_key_file_permissions $(whoami) "$AUTHORIZED_KEYS" \
	|| failure "Bad permissions governing authorized_keys file $AUTHORIZED_KEYS"

    lock create "$AUTHORIZED_KEYS"

    # FIXME: we're discarding any pre-existing EXIT trap; is this bad?
    trap "log debug TRAP; lock remove $AUTHORIZED_KEYS" EXIT

    tmpFile=$(mktemp "${AUTHORIZED_KEYS}.monkeysphere.XXXXXX")

    trap "log debug TRAP; lock remove $AUTHORIZED_KEYS; rm -f $tmpFile" EXIT

    # remove any monkeysphere lines from authorized_keys file this is
    # to insure that that all old authorized keys that are no longer
    # authorized are removed
    log debug "removing old monkeysphere lines..."
    remove_monkeysphere_lines <"$AUTHORIZED_KEYS" >"$tmpFile" || true

    process_authorized_user_ids "$tmpFile" \
	< "$AUTHORIZED_USER_IDS"

    if [ "$(file_hash "$AUTHORIZED_KEYS")" != "$(file_hash "$tmpFile")" ] ; then
	mv -f "$tmpFile" "$AUTHORIZED_KEYS"
	log verbose "authorized_keys file updated."
    else
	rm -f "$tmpFile"
    fi

    lock remove "$AUTHORIZED_KEYS"

    trap - EXIT
}