package app

import (
	"encoding/base64"
	"strings"
	"testing"
	"time"
)

func TestAdminSessionDebugValue(t *testing.T) {
	secret := "test-secret"
	username := "admin"
	expiresAt := time.Now().Add(time.Hour)

	result := adminSessionDebugValue(secret, username, expiresAt)

	// Result should be a hex string
	if result == "" {
		t.Error("adminSessionDebugValue should return non-empty string")
	}

	// Should be valid hex (only contains hex characters)
	for _, c := range result {
		if !((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f')) {
			t.Errorf("adminSessionDebugValue returned non-hex character: %c", c)
		}
	}
}

func TestAdminSessionPayload(t *testing.T) {
	tests := []struct {
		name     string
		raw      string
		wantUser string
		wantExp  bool
	}{
		{
			name:     "valid payload",
			raw:      createValidPayload("admin", "1234567890"),
			wantUser: "admin",
			wantExp:  true,
		},
		{
			name:     "invalid format - no dot",
			raw:      "invalid-no-dot",
			wantUser: "",
			wantExp:  false,
		},
		{
			name:     "invalid format - too many dots",
			raw:      "part1.part2.part3",
			wantUser: "",
			wantExp:  false,
		},
		{
			name:     "invalid base64",
			raw:      "invalid!!!.signature",
			wantUser: "",
			wantExp:  false,
		},
		{
			name:     "empty string",
			raw:      "",
			wantUser: "",
			wantExp:  false,
		},
		{
			name:     "single part",
			raw:      "onlyonepart",
			wantUser: "",
			wantExp:  false,
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			payload := adminSessionPayload(tt.raw)

			// All results should have "raw" field
			if _, ok := payload["raw"]; !ok {
				t.Error("payload should contain 'raw' field")
			}

			if tt.wantUser != "" {
				if user, ok := payload["username"].(string); !ok || user != tt.wantUser {
					t.Errorf("username = %v, want %v", user, tt.wantUser)
				}
			}

			if tt.wantExp {
				if _, ok := payload["expires_unix"]; !ok {
					t.Error("expected expires_unix field")
				}
				if _, ok := payload["payload"]; !ok {
					t.Error("expected payload field")
				}
			}
		})
	}
}

func TestMarshalAdminSessionPayload(t *testing.T) {
	validPayload := createValidPayload("admin", "1234567890")

	result := marshalAdminSessionPayload(validPayload)

	// Result should be valid JSON
	if result == "" {
		t.Error("marshalAdminSessionPayload should return non-empty string")
	}

	// Should contain expected fields
	if !strings.Contains(result, "raw") {
		t.Error("result should contain 'raw' field")
	}

	if !strings.Contains(result, "username") {
		t.Error("result should contain 'username' field")
	}

	// Test with invalid payload
	invalidResult := marshalAdminSessionPayload("invalid")
	if invalidResult == "" {
		t.Error("marshalAdminSessionPayload with invalid input should still return something")
	}
}

// createValidPayload creates a valid payload string for testing
func createValidPayload(username, expires string) string {
	body := username + "|" + expires
	encoded := base64.RawURLEncoding.EncodeToString([]byte(body))
	return encoded + ".signature"
}