<?php
/**
 * Report certificate details.
 *
 * @package PHP_Cert_Reporter
 */

namespace PHP_Cert_Reporter;

/**
 * Load table renderer.
 */
require_once __DIR__ . '/vendor/autoload.php';

/**
 * Display certificate details in a table.
 *
 * Suitable for use in CI.
 *
 * @param bool $exit Exit with status code indicating if expired certificates were found.
 */
function report( $exit = true ): void {
	$data = [
		[
			'Filename',
			'CN',
			'Expires',
			'Days Left',
		],
	];

	$dir_includes_expired = false;

	printf( 'RESULTS FOR `%1$s`%2$s', getcwd(), "\n" );

	foreach ( glob( '*.crt', GLOB_NOSORT ) as $cert ) {
		$path = getcwd() . '/' . $cert;
		$x509 = openssl_x509_parse( file_get_contents( $path ) );

		if ( ! is_array( $x509 ) ) {
			printf( 'Failed to parse certificate from `%1$s`%2$s', $path, "\n\n" );
			continue;
		}

		$cert_data = [
			0 => $cert,
			1 => $x509['subject']['CN'],
			2 => date( 'Y-m-d H:i:s T', $x509['validTo_time_t'] ),
			3 => (int) round( ( $x509['validTo_time_t'] - time() ) / 86400 ),
		];

		// Alert if any expire within the next 30 days.
		if ( ! $dir_includes_expired && $cert_data[3] - 30 <= 0 ) {
			$dir_includes_expired = true;
		}

		$data[] = $cert_data;
	}

	$table = new \cli\Table( array_shift( $data ), $data );
	$table->setRenderer( new \cli\table\Ascii() );
	$table->sort( 2 );
	$table->display();

	if ( $dir_includes_expired ) {
		echo "EXPIRING CERTIFICATES FOUND!\n";
	}

	if ( $exit ) {
		exit( $dir_includes_expired ? 1 : 0 );
	}
}
report();