//go:build integration
// +build integration

package test

import (
	"context"
	"net/http"
	"net/url"
	"testing"
	"time"

	"github.com/oauth2-proxy/mockoidc"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
	"github.com/testcontainers/testcontainers-go"
	"github.com/testcontainers/testcontainers-go/wait"
	"github.com/xlgmokha/x/pkg/env"
	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
)

type TestLogConsumer struct {
	t *testing.T
}

func (lc *TestLogConsumer) Accept(l testcontainers.Log) {
	lc.t.Logf("%s", l.Content)
}

func TestContainer(t *testing.T) {
	srv := oidc.NewTestServer(t)
	defer srv.Close()

	ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
	defer cancel()

	address, err := url.Parse(srv.MockOIDC.Addr())
	require.NoError(t, err)

	issuer := srv.Issuer()
	t.Logf("mockoidc: %v %v %v\n", address.String(), issuer, testcontainers.HostInternal)
	container, err := testcontainers.Run(
		ctx,
		env.Fetch("IMAGE_TAG", "sparkled:invalid"),
		testcontainers.WithEnv(map[string]string{
			"APP_ENV":             "test",
			"BIND_ADDR":           ":8080",
			"DEBUG":               env.Fetch("DEBUG", ""),
			"HMAC_SESSION_SECRET": "secret",
			"OAUTH_CLIENT_ID":     srv.MockOIDC.Config().ClientID,
			"OAUTH_CLIENT_SECRET": srv.MockOIDC.Config().ClientSecret,
			"OAUTH_REDIRECT_URL":  "",
			"OIDC_ISSUER":         issuer,
		}),
		testcontainers.WithExposedPorts("8080/tcp", "9901/tcp", "10000/tcp"),
		testcontainers.WithLogConsumers(&TestLogConsumer{t: t}),
		testcontainers.WithWaitStrategy(wait.ForLog("Listening on").WithStartupTimeout(time.Second*5)),
	)
	require.NoError(t, err)

	defer testcontainers.TerminateContainer(container)

	oidcProviderEndpoint := address.String()
	sparkleEndpoint, err := container.PortEndpoint(ctx, "8080", "http")
	require.NoError(t, err)

	envoyEndpoint, err := container.PortEndpoint(ctx, "10000", "http")
	require.NoError(t, err)

	client := &http.Client{Timeout: 5 * time.Second}

	publicPaths := []string{
		envoyEndpoint + "/",
		envoyEndpoint + "/application.js",
		envoyEndpoint + "/favicon.ico",
		envoyEndpoint + "/favicon.png",
		envoyEndpoint + "/health",
		envoyEndpoint + "/index.html",
		envoyEndpoint + "/logo.png",
		oidcProviderEndpoint + mockoidc.DiscoveryEndpoint,
		sparkleEndpoint + "/",
		sparkleEndpoint + "/favicon.ico",
		sparkleEndpoint + "/health",
	}

	for _, path := range publicPaths {
		t.Run(path, func(t *testing.T) {
			request, err := http.NewRequestWithContext(ctx, http.MethodGet, path, nil)
			response, err := client.Do(request)
			require.NoError(t, err)
			assert.Equal(t, http.StatusOK, response.StatusCode)
		})
	}
}