#!/bin/bash

die() { echo >&2 "$@" ; exit 1 ; }
PATH=$PATH:/opt/keycloak/bin

USERNAME="$1"
EMAIL="$2"

if [ -z "$USERNAME" ] || [ -z "$EMAIL" ]; then
	die "usage: $0 username email"
fi

kcadm.sh create users \
	-r $REALM \
	-s enabled=true \
	-s "username=$USERNAME" \
	-s "email=$EMAIL" \
|| die "$USERNAME: unable to create"

ID="$(kcadm.sh get users \
	-r "$REALM" \
	--fields id \
	-q username="$USERNAME" \
	--format csv \
	--noquotes \
)"

if [ -z "$ID" ]; then
	die "$USERNAME: unable to fetch UID"
fi

echo "$USERNAME: $ID"

echo -n '["UPDATE_PASSWORD"]' | \
kcadm.sh update \
	"users/$ID/execute-actions-email" \
	-r $REALM \
	-q client_id=hedgedoc \
	-q redirect_uri="https://${HEDGEDOC_HOSTNAME}.${DOMAIN_NAME}/s/Getting_started" \
	-f - \
|| die "$USERNAME: unable to send email?"

echo "$USERNAME: email sent!"