// A program to scan emails for phishing links.
// Copyright (C) 2019  Harald Eilertsen
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program.  If not, see <https://www.gnu.org/licenses/>.

use chrono::{ DateTime, Utc };
use serde::Deserialize;
use serde_json;
use std::io::{ BufRead, Result };
use std::net::IpAddr;

#[derive(Deserialize)]
pub struct PhishTank {
    pub phishes: Vec<Phish>,
}

#[derive(Deserialize)]
pub struct Phish {
    pub phish_id: String,
    pub url: String,
    pub phish_detail_url: String,
    pub submission_time: DateTime<Utc>,
    pub verified: String,
    pub verified_time: Option<DateTime<Utc>>,
    pub online: String,
    pub target: String,
    pub details: Vec<PhishDetails>,
}

#[derive(Deserialize)]
pub struct PhishDetails {
    pub ip_address: IpAddr,
    pub cidr_block: String,
    pub announcing_network: String,
    pub rir: String,
    pub country: String,
    pub detail_time: DateTime<Utc>,
}

pub fn load_phistank<R: BufRead>(input: R) -> Result<PhishTank> {
    let phishes = serde_json::from_reader(input)?;
    Ok(PhishTank { phishes })
}