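import {beforeAll, describe, expect, setSystemTime, test} from 'bun:test'
import {JWTcontext, type JWTalgorithm, type Key} from '../src/jwt'

// Shared HS256 key/context used by the single-algorithm tests at the bottom of the file.
let k!: Key
let c!: JWTcontext

// Every algorithm the suite generates a key for.
const algs: JWTalgorithm[] = ["HS256", "HS512", "ES256", "ES512", "EdDSA"]

// One signing/verifying context per algorithm, filled in by beforeAll.
// Map iteration follows insertion order, so the first entry is the HS256 context.
const contexts: Map<JWTalgorithm, JWTcontext> = new Map()

/**
 * Returns the first registered context (HS256, given the order of `algs`).
 * Fails loudly if beforeAll did not populate the map, rather than letting a
 * test dereference `undefined`.
 */
function firstContext(): JWTcontext {
    const [context] = [...contexts.values()]
    if (context === undefined) throw new Error("No JWT context was initialised")
    return context
}

/**
 * Returns `token` with the character at `index` replaced by a different
 * character: "a" becomes "b", anything else becomes "a".
 */
function flipCharAt(token: string, index: number): string {
    const replacement = token[index] === "a" ? "b" : "a"
    return token.substring(0, index) + replacement + token.substring(index + 1)
}

/**
 * Returns the start offset of every non-empty dot-separated segment of `token`.
 * A token without any dot yields `[0]`, i.e. only its first character.
 */
function segmentStarts(token: string): number[] {
    const starts: number[] = []
    let offset = 0
    for (const segment of token.split(".")) {
        if (segment.length > 0) starts.push(offset)
        offset += segment.length + 1 // +1 skips the "." separator
    }
    return starts
}

beforeAll(async () => {
    k = (await JWTcontext.gen_key("HS256")) as Key
    c = new JWTcontext(k, "HS256")
    for (const alg of algs) {
        const key = await JWTcontext.gen_key(alg)
        expect(key).not.toBeUndefined()
        contexts.set(alg, new JWTcontext(key, alg))
    }
})

// Round trip for every algorithm: sign with audience and issuer, verify with the same values.
test('Base case', async () => {
    const payload = {
        yeet: "yaat",
        lol: "yes"
    }
    for (const context of contexts.values()) {
        const jwt = await context.sign(payload, true, "2 days", "pascal", "server")
        const verified = (await context.verify(jwt, "pascal", "server")).expect("Should verify the JWT")
        expect(verified).toEqual(payload)
    }
})

// Each case is [audience at sign, audience expected at verify, should verify?].
// Per the table: a token with no audience is rejected once an audience is expected,
// and when lists are involved a single common value is enough to match.
// Only the first context (HS256) is exercised here.
describe("Audience verification", () => {
    const cases: [string|string[]|undefined, string|string[]|undefined, boolean][] = [
        // undefined at verify means we don't enforce that field, so a verifier
        // that omits the expected audience accepts a token minted for any audience
        [undefined, undefined, true],
        ["value", undefined, true],
        [["value", "other"], undefined, true],
        [undefined, "value", false],
        [undefined, ["value", "other"], false],
        ["value", "value", true],
        ["value", ["value", "other"], true],
        ["value", "yeet", false],
        ["value", ["yeet", "other"], false],
        [["value", "other"], "value", true],
        [["value", "other"], ["value", "yeet"], true],
        [["value", "other"], ["value", "other"], true],
        [["yeet", "other"], "value", false],
        [["value", "other"], ["yeet", "yaat"], false],
    ]
    for (const [at_sign, at_verify, result] of cases) {
        test(`${at_sign} and ${at_verify} ${result ? 'should' : "shouldn't"} work`, async () => {
            const message = "Yeet"
            const context = firstContext()
            const jwt = await context.sign(message, false, undefined, at_sign)
            const res = await context.verify(jwt, at_verify)
            if (result) {
                res.expect("The JWT should be valid")
            } else {
                res.expect_err("The JWT shouldn't be valid")
            }
        })
    }
})

// Each case is [issuer at sign, issuer(s) accepted at verify, should verify?].
// Only the first context (HS256) is exercised here.
describe("Issuer verification", () => {
    const cases: [string|undefined, string|string[]|undefined, boolean][] = [
        // undefined at verify means don't enforce the field, so a verifier
        // that omits the expected issuer accepts a token from any issuer
        [undefined, undefined, true],
        ["value", undefined, true],
        [undefined, "value", false],
        [undefined, ["value", "other"], false],
        ["value", "value", true],
        ["value", ["value", "other"], true],
        ["value", "yeet", false],
        ["value", ["yeet", "other"], false],
    ]
    for (const [at_sign, at_verify, result] of cases) {
        test(`${at_sign} and ${at_verify} ${result ? 'should' : "shouldn't"} work`, async () => {
            const message = "Yaat"
            const context = firstContext()
            const jwt = await context.sign(message, false, undefined, undefined, at_sign)
            const res = await context.verify(jwt, undefined, at_verify)
            if (result) {
                res.expect("The JWT should be valid")
            } else {
                res.expect_err("The JWT shouldn't be valid")
            }
        })
    }
})

test("Expired JWT is rejected", async () => {
    const message = "yeet"
    const jwt = await c.sign(message, false, "5min")
    // Move the mocked clock one day ahead, well past the 5 minute lifetime.
    const tomorrow = new Date()
    tomorrow.setDate(tomorrow.getDate() + 1)
    setSystemTime(tomorrow)
    try {
        const res = await c.verify(jwt)
        res.expect_err("Shouldn't verify expired JWT")
    } finally {
        // Restore the real clock even when the assertion throws, so the mocked
        // time does not leak into the tests that run after this one.
        setSystemTime()
    }
})

test("Wrong key won't decrypt", async () => {
    const alg = "HS256"
    // A freshly generated key for the same algorithm must not validate tokens issued under `k`.
    const k2 = await JWTcontext.gen_key(alg, false)
    const c2 = new JWTcontext(k2, alg)
    const message = "yeet"
    const jwt = await c.sign(message)
    const res = await c2.verify(jwt)
    res.expect_err("Shouldn't verify with a different key")
})

test("tampered JWT are rejected", async () => {
    const message = "yeet"
    const jwt = await c.sign(message)
    // Corrupting only the first character of the token touches the header alone,
    // which a verifier can reject while parsing, before any integrity check runs.
    // Corrupt the first character of every non-empty dot-separated segment instead,
    // so the payload and the trailing signature/tag segment are covered as well.
    // NOTE(review): assumes sign() emits a dot-separated compact token; without
    // dots this reduces to the single first-character check.
    for (const start of segmentStarts(jwt)) {
        const tampered = flipCharAt(jwt, start)
        const res = await c.verify(tampered)
        res.expect_err("Shouldn't verify a tampered JWT")
    }
})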