local lu = require("luaunit")
local conf = require("ssso_config")

local here = debug.getinfo(1).source:sub(2, -17)
conf.load_conf(here)

local ngx = require("ngx")
local ng = require("ssso_nginx")

function test_refe_host_meth_uri_taken_from_ngx()
  -- given
  ngx.reset_var()
  ngx.var.http_referer = "R"
  ngx.var.host = "H"
  ngx.var.request_method = "M"
  ngx.var.request_uri = "U"
  -- when
  local r = ng.get_request()
  -- then
  lu.assertEquals(r.referer, "R")
  lu.assertEquals(r.host, "H")
  lu.assertEquals(r.method, "M")
  lu.assertEquals(r.uri, "U")
  lu.assertEquals(r.target, "U")
  lu.assertEquals(r.query_params, {})
end

function test_empty_referer_reported_as_nil()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "U"
  ngx.var.http_referer = ""
  -- when
  local r = ng.get_request()
  -- then
  lu.assertEquals(r.referer, nil)
end

function test_query_params_split_from_uri_and_decoded()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "U?P=V&Q=W"
  -- when
  local r = ng.get_request()
  -- then
  lu.assertEquals(r.uri, "U?P=V&Q=W")
  lu.assertEquals(r.target, "U")
  lu.assertEquals(r.query_params, {P = "v", Q = "w"})
end

function test_default_scheme_is_http()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "U"
  -- when
  local r = ng.get_request()
  -- then
  lu.assertEquals(r.scheme, "http")
end

function test_scheme_is_https_when_proxy_https_var()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "U"
  ngx.var.proxy_https = 1
  -- when
  local r = ng.get_request()
  -- then
  lu.assertEquals(r.scheme, "https")
end

function test_scheme_is_https_when_https_var()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "U"
  ngx.var.https = 1
  -- when
  local r = ng.get_request()
  -- then
  lu.assertEquals(r.scheme, "https")
end

function test_get_jws_cookie_returns_the_cookie_from_nginx()
  -- given
  ngx.reset_var()
  ngx.var.cookie_SSSO_TOKEN = "cookie"
  -- when
  local c = ng.get_jws_cookie()
  -- then
  lu.assertEquals(c, "cookie")
end

function test_jws_cookie_sent_back_through_ngx()
  -- given
  ngx.reset_header()
  -- when
  ng.set_jws_cookie("J", 999)
  -- then
  lu.assertEquals(ngx.header["Set-Cookie"], {v = "SSSO_TOKEN=J; Path=/; Expires=999; Secure", link = nil})
end

function test_ngx_now_converted_to_integer()
  lu.assertEquals(ng.get_seconds_since_epoch(), 1626546790)
end

function test_add_cookie_works_once()
  -- given
  ngx.reset_var()
  ngx.req.reset()
  -- when
  ng.add_cookie("C", "V")
  -- then
  lu.assertEquals(ngx.req.header["Cookie"], "C=V")
end

function test_add_cookie_works_twice()
  -- given
  ngx.reset_var()
  ngx.req.reset()
  -- when
  ng.add_cookie("C1", "V1")
  ng.add_cookie("C2", "V2")
  -- then
  lu.assertEquals(ngx.req.header["Cookie"], "C1=V1; C2=V2")
end

function test_add_header_works()
  -- given
  ngx.reset_var()
  ngx.req.reset()
  -- when
  ng.add_header("H1", "V1")
  ng.add_header("H2", "V2")
  ng.add_header("H1", "V3")
  -- then
  lu.assertEquals(ngx.req.header["H1"], "V3")
  lu.assertEquals(ngx.req.header["H2"], "V2")
end

function test_method_is_recognized_case_insensitive()
  -- given
  ngx.reset_var()
  ngx.var.request_method = "get"
  ngx.var.request_uri = "U"
  local r = ng.get_request()
  -- when
  local is_get = ng.has_method(r, "GET")
  local is_post = ng.has_method(r, "POST")
  -- then
  lu.assertTrue(is_get and true)
  lu.assertFalse(is_post or false)
end

function test_uri_identity_ignores_query_parameters()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "U?P=V&Q=W"
  local r = ng.get_request()
  -- when
  local is_without_qp = ng.is(r, "U")
  local is_with_qp = ng.is(r, "U?P=V&Q=W")
  -- then
  lu.assertTrue(is_without_qp and true)
  lu.assertFalse(is_with_qp or false)
end

function test_uri_match_ignores_query_parameters()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "/aa?bb"
  local r = ng.get_request()
  -- when
  local matches_without_qp = ng.matches(r, "/a+$")
  local matches_with_qp = ng.matches(r, "/a.*b")
  -- then
  lu.assertTrue(matches_without_qp and true)
  lu.assertFalse(matches_with_qp or false)
end

function test_starts_with_ignores_query_parameters()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "/aa?bb"
  local r = ng.get_request()
  -- when
  local start_without_qp = ng.starts_with(r, "/a")
  local start_with_qp = ng.starts_with(r, "/aa?b")
  -- then
  lu.assertTrue(start_without_qp and true)
  lu.assertFalse(start_with_qp or false)
end

function test_starts_with_must_start_with_given_value()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "/aa?bb"
  local r = ng.get_request()
  -- when
  local start_in_middle = ng.starts_with(r, "aa")
  local does_not_start = ng.starts_with(r, "x")
  -- then
  lu.assertFalse(start_in_middle or false)
  lu.assertFalse(does_not_start or false)
end

function test_has_param_works_disregarding_the_value()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "/aa?bb&c=1"
  local r = ng.get_request()
  -- when
  local has_unknown_param = ng.has_param(r, "b")
  local has_unvalued_param = ng.has_param(r, "bb")
  local has_valued_param = ng.has_param(r, "c")
  -- then
  lu.assertFalse(has_unknown_param or false)
  lu.assertTrue(has_unvalued_param and true)
  lu.assertTrue(has_valued_param and true)
end

function test_has_param_works_with_a_correct_value()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "/aa?bb&c=1"
  local r = ng.get_request()
  -- when
  local has_unvalued_param = ng.has_param(r, "bb", true)
  local has_valued_param = ng.has_param(r, "c", "1")
  -- then
  lu.assertTrue(has_unvalued_param and true)
  lu.assertTrue(has_valued_param and true)
end

function test_has_param_works_with_a_wrong_value()
  -- given
  ngx.reset_var()
  ngx.var.request_uri = "/aa?bb&c=1"
  local r = ng.get_request()
  -- when
  local has_unknown_param = ng.has_param(r, "b", "x")
  local has_unvalued_param = ng.has_param(r, "bb", "x")
  local has_valued_param = ng.has_param(r, "c", "x")
  -- then
  lu.assertFalse(has_unknown_param or false)
  lu.assertFalse(has_unvalued_param or false)
  lu.assertFalse(has_valued_param or false)
end

function test_answer_not_found_returns_404()
  lu.assertEquals(ng.answer_not_found(), 404)
end

function test_answer_unexpected_error_returns_500()
  lu.assertEquals(ng.answer_unexpected_error(), 500)
end

function test_redirect_to_page_prepends_host()
  lu.assertEquals(ng.redirect_to_page("/url"), "302:https://my-domain.tld/url")
end

function test_redirect_to_portal()
  lu.assertEquals(ng.redirect_to_portal(), "307:https://my-domain.tld/ssso/portal")
end

function test_return_contents_returns_data_and_headers_http_200()
  -- given
  ngx.reset_resp_body()
  ngx.reset_header()
  -- when
  local resp = ng.return_contents("Contents", "Mime; Charset")
  -- then
  lu.assertEquals(resp, 200)
  lu.assertEquals(ngx.say(), "Contents")
  lu.assertEquals(ngx.header["Content-Type"], "Mime; Charset")
  lu.assertEquals(ngx.header["Content-Length"], "8")
  lu.assertEquals(ngx.header["Cache-Control"], "no-store,max-age=0")
end

function test_with_post_parameters_merges_post_parameters_to_request_data()
  -- given
  ngx.reset_post_var()
  ngx.reset_var()
  ngx.var.request_uri = "url?p&q=3"
  ngx.post_var.p = "5"
  ngx.post_var.r = "hello"
  -- when (1)
  local r = ng.get_request()
  -- then (1)
  lu.assertEquals(r, {
    scheme = "http",
    uri = "url?p&q=3",
    target = "url",
    query_params = {
      p = true,
      q = "3",
    },
  })
  -- when (2)
  r = ng.with_post_parameters(r)
  -- then (2)
  lu.assertEquals(r, {
    scheme = "http",
    uri = "url?p&q=3",
    target = "url",
    query_params = {
      p = "5",
      q = "3",
      r = "hello",
    },
  })
end

function test_get_basic_auth_with_no_header_returns_nil()
  -- given
  ngx.reset_header()
  -- when
  local u, p = ng.get_basic_auth()
  -- then
  lu.assertNil(u)
  lu.assertNil(p)
end

function test_get_basic_auth_with_non_basic_header_returns_nil()
  -- given
  ngx.reset_header()
  ngx.var.Authentication = "Bearer uuid"
  -- when
  local u, p = ng.get_basic_auth()
  -- then
  lu.assertNil(u)
  lu.assertNil(p)
end

function test_get_basic_auth_with_basic_header_but_no_base64_returns_nil()
  -- given
  ngx.reset_header()
  ngx.var.Authentication = "Basic "
  -- when
  local u, p = ng.get_basic_auth()
  -- then
  lu.assertNil(u)
  lu.assertNil(p)
end

function test_get_basic_auth_with_basic_header_but_invalid_base64_returns_nil()
  -- given
  ngx.reset_header()
  ngx.var.Authentication = "Basic !!!!"
  -- when
  local u, p = ng.get_basic_auth()
  -- then
  lu.assertNil(u)
  lu.assertNil(p)
end

function test_get_basic_auth_with_valid_basic_header_returns_auth()
  -- given
  ngx.reset_header()
  ngx.var.Authentication = "Basic dTpw"
  -- when
  local u, p = ng.get_basic_auth()
  -- then
  lu.assertEquals(u, "u")
  lu.assertEquals(p, "p")
end

function test_get_basic_auth_works_with_an_empty_login()
  -- given
  ngx.reset_header()
  ngx.var.Authentication = "Basic OnA="
  -- when
  local u, p = ng.get_basic_auth()
  -- then
  lu.assertEquals(u, "")
  lu.assertEquals(p, "p")
end

function test_get_basic_auth_works_with_an_empty_password()
  -- given
  ngx.reset_header()
  ngx.var.Authentication = "Basic dTo="
  -- when
  local u, p = ng.get_basic_auth()
  -- then
  lu.assertEquals(u, "u")
  lu.assertEquals(p, "")
end

os.exit(lu.LuaUnit.run())