package jwt_test

import (
	"errors"
	"fmt"
	"testing"
	"time"

	"git.daebt.dev/golang/auth/algo/rs"
	"git.daebt.dev/golang/auth/jwt"
)

var key = `-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAzIWvl1OtwExnQ3HvoYk6bFRIlcCjzdv1yHazJfr6jxk6w+tC
sIWEdtKsAPm3gmmFG+mTuHq+H53sahm6DD9YC5ZQjnvSYkBKv70Zw331/tg9VLbf
Jc+gN7kbD3xMQsucYD0973r7l9pEPH4Qw/I+BEKHMxlTmynStgKxnfyO6iPkL5jT
zpUXlD4V9xqUoMY/uX3EpGwbJJKFJuphYX3jzJQ++tovQGGep7RgNeMEoWjyAkJ2
yb7tiSWsw7qk6GO2z6NDmnc1UsdSBZ6Vg7BPUp8EINAdX1wbmB0+QH/vp0huM6lS
Y6NMBugwptQUe5UCaly9fN4kb26U0qglEoGB6wIDAQABAoIBADU244UgRKkwN/4Y
ex0ws37UPz6XrQc3IDBUkjBjqSXqjpvDbsq3Mswn7JEkaFcKVZP5pnHtneJkGMtS
flIJeUMqjTNFjGv8Bnb1IOr4rzTr1qlgG5ee+jUFeMECumT2zW1NAfx5p1TPecmz
k3EoanJ5TOxCvro0m5q4ALb2q8jHrtfvtqEBrHepeEp3Lyh7m4ZUib+0yWXs0EPC
HhF9kLpCy+tVXUPDyLCt4cldTUda/3xeswzmxVRrHkt/idsNuTAi7o1Cx/OfZYMI
AzQo8OTh1Bg2DlXKtOX40frIxy3/K77F3ozwV4a3FravUO+wvcQdIyi6KAmNBFS3
9IVA7IECgYEA4x0TAn7vOvazILmg4Es0/gsWlh7RGmNTqVYtj5TfwOviUGeaculR
BSsyX8pgaROJKjGDcNzSQQEhHfJXrhNXeMJ0zPUIsJCBmih8oaCpAScWpV+qpdky
1Eb2akEg7XbpqBJJ1jnoEvIhd4feCAN8Gv8vcmdER7HaGdyef4XxlFsCgYEA5okG
tbyTtD2cfmYjYsoGqEfGH0Pe9vxc+MBthiPg0f2lpg+YuSPx92ZuJciLNyNWo9qf
NFnzbSEFxzomK/Bgq9ujGnbPyLOCadIADM4/njEEPe+IsagDxBgTrCEUJ56W9MLj
N+b4d/gnBkK4roDW8gjy7x4MbePByoDfaWtU/bECgYEApn8RCZpe7V4gMdSEIQph
fgBI/aL37p10nsbDvegJJRiIoCNjsexj7iMd2eW2SjH9M4Z68smgBfG7AoZASyh4
ztnX4M2eIjq+GHKn86GhZGvwiSoaI12YitC/I2Q9rHipkQJfSQLIpOMHL+bWGg/b
8rqzYO5duyWiW6VGOPzL/tMCgYB3JVSZcrfnzHvn+8PIF9+u80FbAUnn3m/yhAlW
7Y4RGYWWOLNW5FP26DJ/RpFk0tfBYYksllywBwQkflIiHV7pE1/NmqAy+0uog0dR
VvscN/sYQ4cjQlGH9GWebY4sF9Ou9lZWmwHJhzAsFSm7zozIlIVxvdbwqGiMz2Qn
6LgJUQKBgQC9H2JGm54wg0YPuDig5LjymUxYJrEiJT0IXz4vy+UEMxw+1EmeD5sm
kSqHkwNDp7D+3nik5HzoFVifJAvqFWU73fpvqQlvZSNfVrtq8UvJBIuH7eHkrJrC
L8dEn16HWjLX50GlT+9eYyHWtYI4sMdnzz1/JS6PwQRxKlFQN9HJYg==
-----END RSA PRIVATE KEY-----`

func TestCreate(t *testing.T) {
	alg, err := rs.NewRS256(
		rs.WithPEM(nil, []byte(key)),
	)
	if err != nil {
		t.Fatal(err.Error())
	}

	tm := time.Now()

	var data = []*struct {
		o []jwt.Option
		v []jwt.VerifyOption
		e error
	}{
		{
			[]jwt.Option{
				jwt.WithIssuer("https://git.daebt.dev"),
			},
			nil,
			nil,
		},
		{
			[]jwt.Option{
				jwt.WithIssuer("https://git.daebt.dev"),
				jwt.WithIssuedAt(tm),
				jwt.WithExpirationTime(tm.Add(time.Hour)),
			},
			nil,
			nil,
		},
		{
			[]jwt.Option{
				jwt.WithIssuer("https://git.daebt.dev"),
				jwt.WithIssuedAt(tm),
				jwt.WithExpirationTime(tm.Add(-time.Hour)),
			},
			nil,
			jwt.ErrExpired,
		},
		{
			[]jwt.Option{
				jwt.WithIssuer("https://git.daebt.dev"),
				jwt.WithIssuedAt(tm),
				jwt.WithNotBefore(tm.Add(time.Hour)),
			},
			nil,
			jwt.ErrNotActivated,
		},
		{
			[]jwt.Option{
				jwt.WithIssuer("https://git.daebt.dev"),
				jwt.WithIssuedAt(tm),
			},
			[]jwt.VerifyOption{
				jwt.WithVerifyIssuer("https://git.daebt.dev"),
			},
			nil,
		},
		{
			[]jwt.Option{
				jwt.WithIssuedAt(tm),
			},
			[]jwt.VerifyOption{
				jwt.WithVerifyIssuer(),
			},
			jwt.ErrKeyNotExist,
		},
		{
			[]jwt.Option{
				jwt.WithIssuer("https://git.daebt.dev"),
				jwt.WithIssuedAt(tm),
			},
			[]jwt.VerifyOption{
				jwt.WithVerifyIssuer(),
			},
			nil,
		},
	}

	for i, v := range data {
		t.Run(fmt.Sprint(i), func(t *testing.T) {
			val, err := jwt.New(v.o...).Sign(alg)
			if err != nil {
				t.Fatal(err.Error())
			}

			tkn, err := jwt.Parse(val)
			if err != nil {
				t.Fatal(err.Error())
			}

			if err := tkn.Verify(alg, v.v...); !errors.Is(err, v.e) {
				t.Fatal(err.Error())
			}
		})
	}

}