package web

import (
	"encoding/json"
	"net/http"
	"net/http/httptest"
	"strings"
	"testing"

	"github.com/stretchr/testify/assert"
	"mokhan.ca/xlgmokha/idp/pkg/dto"
)

func TestRegister(t *testing.T) {
	srv := NewHttpContext(&Configuration{Issuer: "https://example.com", KeyData: []byte{}})

	t.Run("POST /register", func(t *testing.T) {
		t.Run("with a valid request body", func(t *testing.T) {
			w := httptest.NewRecorder()

			r := httptest.NewRequest("POST", "/register", strings.NewReader(`{
					"redirect_uris": ["https://client.example.org/callback"],
					"client_name": "My Client",
					"token_endpoint_auth_method": "client_secret_basic",
					"logo_uri": "https://client.example.org/logo.png",
					"jwks_uri": "https://client.example.org/my_public_keys.jwks"
				}`,
			))
			r.Header.Set("Content-Type", "application/json")
			r.Header.Set("Accept", "application/json")

			srv.Router().ServeHTTP(w, r)

			assert.Equal(t, http.StatusCreated, w.Result().StatusCode)
			assert.Equal(t, "application/json", w.HeaderMap.Get("Content-Type"))
			assert.Equal(t, "no-store", w.HeaderMap.Get("Cache-Control"))
			assert.Equal(t, "no-cache", w.HeaderMap.Get("Pragma"))

			var x dto.ClientInformationResponse
			json.NewDecoder(w.Body).Decode(&x)

			assert.Equal(t, "My Client", x.ClientName)
			assert.Equal(t, dto.ClientSecretBasic, x.TokenEndpointAuthMethod)
			assert.Equal(t, "https://client.example.org/callback", x.RedirectUris[0])
			assert.Equal(t, "https://client.example.org/logo.png", x.LogoUri)
			assert.Equal(t, "https://client.example.org/my_public_keys.jwks", x.JWKSUri)
			assert.Equal(t, 1, len(x.RedirectUris))
			assert.NotEmpty(t, x.ClientId)
			assert.NotEmpty(t, x.ClientIdIssuedAt)
			assert.NotEmpty(t, x.ClientSecret)
			assert.NotEmpty(t, x.ClientSecretExpiresAt)
		})

		t.Run("with an invalid request body", func(t *testing.T) {
			w := httptest.NewRecorder()

			body := `{"redirect_uris": ["], "client_name": "", "token_endpoint_auth_method": ""}`
			r := httptest.NewRequest("POST", "/register", strings.NewReader(body))
			r.Header.Set("Content-Type", "application/json")
			r.Header.Set("Accept", "application/json")

			srv.Router().ServeHTTP(w, r)

			assert.Equal(t, "application/json", w.HeaderMap.Get("Content-Type"))
			assert.Equal(t, "no-store", w.HeaderMap.Get("Cache-Control"))
			assert.Equal(t, "no-cache", w.HeaderMap.Get("Pragma"))
			assert.Equal(t, http.StatusBadRequest, w.Result().StatusCode)

			var params map[string]string
			json.NewDecoder(w.Body).Decode(&params)

			assert.Equal(t, "invalid_client_metadata", params["error"])
			assert.NotEmpty(t, params["error_description"])
		})
	})
}