#!/usr/bin/env ruby

require 'io/console'
require 'json'
require 'net/http'
require 'openssl'
require 'uri'

uri = URI.parse("http://localhost:4567/login")

header = {'Content-Type': 'text/json'}

print "Username: "; un = gets.strip
print "Password: "; pw = STDIN.noecho(&:gets).strip; puts

login = {
  "username": un
}

http = Net::HTTP.new(uri.host, uri.port)
request = Net::HTTP::Post.new(uri.request_uri, header)
request.body = login.to_json

response = http.request(request)
eticket = [response.body].pack("H*").unpack("C*").pack("c*")

cipher = OpenSSL::Cipher::AES.new(256, :CBC).decrypt
cipher.key = Digest::SHA2.digest(pw)
begin
  ticket = cipher.update(eticket) + cipher.final
  File.open(".keytab", ?w) do |f|
    f.puts "_TGS:#{ticket}"
  end
rescue OpenSSL::Cipher::CipherError
  puts "Invalid password?"
end