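#!/bin/sh
# Render etc/envoy/envoy.yaml for the configured OIDC issuer and exec Envoy.
#
# Environment:
#   OIDC_ISSUER          issuer URL, e.g. http://gdk.test:3000
#   OAUTH_CLIENT_ID      replaces the OAUTH_CLIENT_ID placeholder in the template
#   OAUTH_CLIENT_SECRET  exported for the Envoy process; defaults to "secret"
#   HMAC_SESSION_SECRET  exported for the Envoy process; defaults to
#                        OAUTH_CLIENT_SECRET
#   LOG_LEVEL            passed to --log-level; defaults to "info"
#   DEBUG                when non-empty, enables shell tracing (set -x)
set -e

# Secrets are defaulted BEFORE tracing is switched on: under `set -x` the
# `[ -z "$VAR" ]` tests and the exports would print the secret values to stderr.
if [ -z "$OAUTH_CLIENT_SECRET" ]; then
  echo "warning: OAUTH_CLIENT_SECRET is unset; using the built-in placeholder (local development only)" >&2
  export OAUTH_CLIENT_SECRET="secret"
fi

if [ -z "$HMAC_SESSION_SECRET" ]; then
  # Reusing the OAuth client secret as the session HMAC key ties two
  # credentials together; set a separate random value outside local development.
  echo "warning: HMAC_SESSION_SECRET is unset; reusing OAUTH_CLIENT_SECRET" >&2
  export HMAC_SESSION_SECRET="$OAUTH_CLIENT_SECRET"
fi

if [ -n "$DEBUG" ]; then
  set -x
fi

cd "$(dirname "$0")/.."

# Escape a value so it can be used as the replacement side of sed 's|..|..|'.
# Without this, a '&', '\' or delimiter character in an environment variable
# rewrites the sed command instead of being inserted literally.
sed_escape_replacement() {
  printf '%s' "$1" | sed -e 's/[\\&|]/\\&/g'
}

# Split the issuer URL on '/' and ':' -> scheme, "", "", host, port-or-path.
# The field separator is quoted so the shell cannot glob-expand [/:].
oidc_scheme=$(printf '%s\n' "$OIDC_ISSUER" | awk -F'[/:]' '{print $1}')
oidc_host=$(printf '%s\n' "$OIDC_ISSUER" | awk -F'[/:]' '{print $4}')

client_id_repl=$(sed_escape_replacement "$OAUTH_CLIENT_ID")
issuer_repl=$(sed_escape_replacement "$OIDC_ISSUER")
host_repl=$(sed_escape_replacement "$oidc_host")

# Order matters: the full https://example.com URL is replaced before the bare
# example.com host name, exactly as in the three separate passes it replaces.
yaml=$(sed \
  -e "s|OAUTH_CLIENT_ID|$client_id_repl|" \
  -e "s|https://example.com|$issuer_repl|" \
  -e "s|example.com|$host_repl|" \
  etc/envoy/envoy.yaml)

# For http://gdk.test:3000
if [ "$oidc_scheme" = "http" ]; then
  oidc_port=$(printf '%s\n' "$OIDC_ISSUER" | awk -F'[/:]' '{print $5}')
  # Field 5 is a path segment (or empty) when the issuer has no explicit port;
  # only digits may reach port_value, otherwise use the HTTP default.
  case "$oidc_port" in
    '' | *[!0-9]*) oidc_port=80 ;;
  esac
  # Dropping the transport_socket block means the connection to the issuer is
  # plaintext. printf is used instead of echo because some /bin/sh
  # implementations make echo interpret backslashes in the YAML.
  # The '/re/,+4d' address form is a GNU sed extension.
  yaml=$(printf '%s\n' "$yaml" \
    | sed -e '/transport_socket:/,+4d' \
          -e "s/port_value: 443/port_value: $oidc_port/")
fi
# NOTE(review): an https issuer with a non-default port keeps port_value 443,
# as before -- confirm whether that case needs handling.

if ! command -v envoy > /dev/null 2>&1; then
  echo "envoy could not be found: https://www.envoyproxy.io/docs/envoy/latest/start/install" >&2
  exit 1
fi

# NOTE(review): the rendered config is passed on the command line and is
# therefore visible in process listings; keep secret values out of the
# template (presumably Envoy reads them from the exported variables -- confirm).
#
# Component names for --component-log-level:
# https://github.com/envoyproxy/envoy/blob/48f93b68232aba15b5b14743a134691926749122//source/common/common/logger.h#L36
exec envoy \
  --base-id 0 \
  --config-yaml "$yaml" \
  --log-level "${LOG_LEVEL:-info}" \
  --component-log-level admin:warn,connection:warn,ext_authz:info,grpc:warn,health_checker:warn,http:warn,http2:warn,jwt:warn,oauth2:warn,router:warn,secret:warn,upstream:warn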