import boto3
import json
import urllib.parse
import urllib3
from base64 import b64encode
from botocore.exceptions import ClientError


def get_credentials(secret_name, region_name):
    session = boto3.session.Session()
    client = session.client(
        service_name='secretsmanager',
        region_name=region_name
    )
    try:
        get_secret_value_response = client.get_secret_value(
            SecretId=secret_name
        )
    except ClientError as e:
        raise e
    secret = get_secret_value_response['SecretString']
    return secret

secret_name = "CHANGEME"
region_name = "us-east-1"
secret = get_credentials(secret_name, region_name)
json_creds = json.loads(secret)

CLIENT_ID = json_creds.get("client_id")         # C.R.C service account client_id
CLIENT_SECRET = json_creds.get("client_secret") # C.R.C service account client_secret
bucket = "CHANGEME"                             # Bucket for athena query results

file_name = 'query-data.json'
# file_name = 'finalized-data.json'


def lambda_handler(event, context):
    # Initiate Boto3 s3 and fetch query file
    s3_resource = boto3.resource('s3')
    json_content = json.loads(s3_resource.Object(bucket, file_name).get()['Body'].read().decode('utf-8'))

    # Initiate Boto3 athena Client and attempt to fetch athena results
    athena_client = boto3.client('athena')
    try:
        athena_results = athena_client.get_query_execution(QueryExecutionId=json_content["query_execution_id"])
    except Exception as e:
        return f"Error fetching athena query results: {e} \n Consider increasing the time between running and fetching results"

    reports_list = []
    prefix = json_content["result_prefix"].split(f'{bucket}/')[-1]

    # Initiate Boto3 s3 client
    s3_client = boto3.client('s3')
    result_data = s3_client.list_objects(Bucket=bucket, Prefix=prefix)
    for item in result_data.get("Contents"):
        if item.get("Key").endswith(".csv"):
            reports_list.append(item.get("Key"))

    # Get service account token
    token_url = 'https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token'
    token_headers = {
        'Content-Type': 'application/x-www-form-urlencoded'
    }
    token_data = {
        "client_id": CLIENT_ID,
        "client_secret": CLIENT_SECRET,
        "grant_type": "client_credentials"
    }
    http = urllib3.PoolManager()
    encoded_token_data = urllib.parse.urlencode(token_data).encode('utf-8')
    token_response = http.request('post', token_url, headers=token_headers, body=encoded_token_data).data.decode('utf-8')
    token_info = json.loads(token_response)
    if not token_info.get("access_token"):
        return(f"Failed to get token, reason: {token_info}")

    # Post results to console.redhat.com API
    json_data = {"source": json_content["integration_uuid"], "reports_list": reports_list, "bill_year": json_content["bill_year"], "bill_month": json_content["bill_month"]}
    encoded_data = json.dumps(json_data).encode('utf-8')

    headers = {
        'Authorization': f'Bearer {token_info.get("access_token")}',
        'Content-Type': 'application/json'
    }
    url = "https://console.redhat.com/api/cost-management/v1/ingress/reports/"
    resp = http.request('post', url, headers=headers, body=encoded_data)

    return resp.data