package edgeencrypt

import (
	"crypto/rand"
	"crypto/rsa"
	"testing"

	"github.com/golang-jwt/jwt"
	"github.com/google/uuid"
)

func TestBearerToken(t *testing.T) {
	channelID := uuid.NewString()
	channelName := "my-channel"
	privateKey, err := rsa.GenerateKey(rand.Reader, RSA2048)
	if err != nil {
		t.Fatalf("failed to generate private key: %v", err)
	}
	publicKey := &privateKey.PublicKey

	token, err := CreateToken(jwt.SigningMethodRS256, privateKey, DefaultDuration, channelID, channelName, Encryption, "my-banner")
	if err != nil {
		t.Errorf("CreateToken failed: %v", err)
	}

	claims, err := FromToken(publicKey, token)
	if err != nil {
		t.Errorf("FromToken failed: %v", err)
	}

	if !claims.ValidChannel(channelID) {
		t.Errorf("ChannelID mismatch: %s != %s", claims.ChannelID, channelID)
	}

	if !claims.ValidChannelName(channelName) {
		t.Errorf("ChannelName mismatch: %s != %s", claims.Channel, channelName)
	}

	if !claims.HasRole(Encryption) {
		t.Errorf("Expected Role encryption: %v", claims.Role)
	}
}

func TestPrintToken(t *testing.T) {
	t.SkipNow()
	// change the channelID and role to test different scenarios
	channelID := uuid.NewString()
	channelName := "store256"
	role := Encryption

	privateKey, err := rsa.GenerateKey(rand.Reader, RSA2048)
	if err != nil {
		t.Fatalf("failed to generate private key: %v", err)
	}
	publicKey := &privateKey.PublicKey

	token, err := CreateToken(jwt.SigningMethodRS256, privateKey, DefaultDuration, channelID, channelName, role, "my-banner")
	if err != nil {
		t.Errorf("CreateToken failed: %v", err)
	}

	pk, err := ConvertRSAPublicKeyToPEM(publicKey)
	if err != nil {
		t.Fatalf("failed to convert public key to string: %v", err)
	}
	pvKey := ConvertRSAPrivateKeyToPEM(privateKey)

	t.Logf("Private Key: \n%s", pvKey)
	t.Logf("Public Key: \n%s", pk)
	t.Logf("Token: \n%s", token)
}