extern crate reqwest;
extern crate rookeries;
#[macro_use]
extern crate serde_json;

use reqwest::{Client, Response, StatusCode};
use rookeries::security::JwtToken;
use serde_json::Value;

mod common;

#[test]
fn test_valid_user_with_valid_credentials_can_authenticate_on_site() {
    let (valid_test_user, valid_password) = common::valid_user();

    let api_base_uri = common::api_base_url();
    let test_client = Client::new();
    let auth_url = api_base_uri.join("/auth").unwrap();

    let credentials = json!({"username": valid_test_user.username, "password": valid_password});

    let mut actual_response = test_client
        .post(auth_url)
        .json(&credentials)
        .send()
        .unwrap();

    assert_eq!(actual_response.status(), StatusCode::Ok);

    let response_json: Value = actual_response.json().unwrap();
    let jwt_token = match response_json["access_token"].as_str() {
        None => String::new(),
        Some(token) => String::from(token),
    };
    assert_ne!(jwt_token, String::new());

    let jwt = JwtToken::configure_from_env().unwrap();
    let decoded_jwt = jwt.decode(&jwt_token).unwrap();

    assert_eq!(decoded_jwt.claims.identity, valid_test_user.username);
}

#[test]
fn test_valid_user_with_invalid_credentials_cannot_authenticate_on_site() {
    let (valid_test_user, _) = common::valid_user();

    let api_base_uri = common::api_base_url();
    let test_client = Client::new();
    let auth_url = api_base_uri.join("/auth").unwrap();

    let credentials = json!({"username": valid_test_user.username, "password": "random_password"});

    let actual_response = test_client
        .post(auth_url)
        .json(&credentials)
        .send()
        .unwrap();

    assert_unauthorized_response(actual_response);
}

#[test]
fn test_invalid_user_with_invalid_credentials_cannot_authenticate_on_site() {
    let api_base_uri = common::api_base_url();
    let test_client = Client::new();
    let auth_url = api_base_uri.join("/auth").unwrap();

    let credentials = json!({"username": "random_user", "password": "random_password"});

    let actual_response = test_client
        .post(auth_url)
        .json(&credentials)
        .send()
        .unwrap();

    assert_unauthorized_response(actual_response);
}

fn assert_unauthorized_response(mut actual_response: Response) {
    let expected_json = json!({
        "error": {
            "message": "Invalid credentials provided.",
            "status_code": 401,
        },
    });

    assert_eq!(actual_response.status(), StatusCode::Unauthorized);
    let actual_response_json: Value = actual_response.json().unwrap();
    assert_eq!(actual_response_json, expected_json);
}