#!/bin/bash

# load jupyter-profile script
if test -e /etc/rstudio/jupyter-profile
then
   . /etc/rstudio/jupyter-profile
fi

# session arguments
# escape backslashes in arguments to pass safely to bash below
JUPYTER_ARGS="${@//\\/\\\\}"

if [[ -n "${RS_SESSION_SSL_CERT}" ]]; then
   if [[ -z "${RS_SESSION_SSL_CERT_KEY}" ]]; then
      echo "Error - public key without private key"
      exit 10
   fi

   CERT_DIR="${HOME}/.local/share/rstudio/ssl"
   mkdir -p "${CERT_DIR}"
   find "${CERT_DIR}" -maxdepth 1 -name "cert-*.pem" -mtime +1 -exec rm -f {} \;
   find "${CERT_DIR}" -maxdepth 1 -name "key-*.pem" -mtime +1 -exec rm -f {} \;
   CERT_PID=$$
   CERT_FILE="${CERT_DIR}/cert-${CERT_PID}.pem"
   KEY_FILE="${CERT_DIR}/key-${CERT_PID}.pem"
   rm -f ${CERT_FILE} ${KEY_FILE}
   echo "${RS_SESSION_SSL_CERT}" > "${CERT_FILE}"
   echo "${RS_SESSION_SSL_CERT_KEY}" > "${KEY_FILE}"
   JUPYTER_ARGS="${JUPYTER_ARGS} --certfile ${CERT_FILE} --keyfile ${KEY_FILE}"
elif [[ -n "${RS_SESSION_SSL_CERT_PATH}" ]] ; then
   # eval variables like $HOME and $USER in RS_SESSION_CERT_PATH
   eval CERT_PATH=`echo ${RS_SESSION_SSL_CERT_PATH}`
   eval KEY_PATH=`echo ${RS_SESSION_SSL_CERT_KEY_PATH}`
   JUPYTER_ARGS="${JUPYTER_ARGS} --certfile ${CERT_PATH} --keyfile ${KEY_PATH}"
fi

# run the session
/bin/bash --login $JUPYTER_PROFILE_OPTIONS -c "$JUPYTER_EXEC_COMMAND $JUPYTER_ARGS"

# store exit code of command
EXIT_CODE=$?

if [[ -n "${CERT_DIR}" ]]; then
   rm -f "${CERT_FILE}"
   rm -f "${KEY_FILE}"
fi

# exit with previously-stored exit code, after cleanup
exit $EXIT_CODE
