package middleware

import (
	"net/http"
	"testing"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
	"github.com/xlgmokha/x/pkg/test"
	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
)

// TestUser exercises the User middleware with and without the x-jwt-claim-*
// request headers and checks what the wrapped handler observes in each case.
//
// NOTE(review): the second subtest shows that identity is read directly from
// request headers. Presumably an upstream proxy validates the JWT and strips
// any client-supplied x-jwt-claim-* headers before the request reaches this
// middleware; nothing in this test covers that, so confirm it at the
// deployment boundary.
func TestUser(t *testing.T) {
	withUser := User()

	t.Run("when x-jwt-claim-* headers are not provided", func(t *testing.T) {
		// With no claim headers the wrapped handler must see an anonymous request.
		next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
			require.False(t, IsLoggedIn(req))

			rw.WriteHeader(http.StatusTeapot)
		})
		handler := withUser(next)

		req, rec := test.RequestResponse("GET", "/example")
		handler.ServeHTTP(rec, req)

		// The teapot status is written only by the inner handler above, so
		// seeing it confirms the middleware passed the request through.
		assert.Equal(t, http.StatusTeapot, rec.Code)
	})

	t.Run("when x-jwt-claim-* headers are provided", func(t *testing.T) {
		// Each claim header is expected to land on one field of the current user:
		// sub -> ID, username -> Username, profile-url -> ProfileURL,
		// picture-url -> Picture.
		next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
			require.True(t, IsLoggedIn(req))

			current := cfg.CurrentUser.From(req.Context())
			require.NotNil(t, current)
			assert.Equal(t, domain.ID("1"), current.ID)
			assert.Equal(t, "root", current.Username)
			assert.Equal(t, "https://gitlab.com/tanuki", current.ProfileURL)
			assert.Equal(t, "https://example.com/profile.png", current.Picture)

			rw.WriteHeader(http.StatusTeapot)
		})
		handler := withUser(next)

		req, rec := test.RequestResponse(
			"GET", "/",
			test.WithRequestHeader("x-jwt-claim-sub", "1"),
			test.WithRequestHeader("x-jwt-claim-username", "root"),
			test.WithRequestHeader("x-jwt-claim-profile-url", "https://gitlab.com/tanuki"),
			test.WithRequestHeader("x-jwt-claim-picture-url", "https://example.com/profile.png"),
		)
		handler.ServeHTTP(rec, req)

		// As above: the inner handler's status proves it was reached.
		assert.Equal(t, http.StatusTeapot, rec.Code)
	})
}