package confirmemailcode

import (
	"context"
	"testing"
	"time"

	"galaxy/authsession/internal/domain/challenge"
	"galaxy/authsession/internal/domain/common"
	"galaxy/authsession/internal/service/shared"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

func TestExecuteReturnsInvalidCodeForThrottledChallengeWithoutConsumingAttempts(t *testing.T) {
	t.Parallel()

	deps := newConfirmDeps(t)
	record := sentChallengeFixture(t, deps.hasher, "challenge-1", "pilot@example.com", "654321", deps.now.Add(-time.Minute), deps.now.Add(time.Minute))
	record.Status = challenge.StatusDeliveryThrottled
	record.DeliveryState = challenge.DeliveryThrottled
	require.NoError(t, record.Validate())
	require.NoError(t, deps.challengeStore.Create(context.Background(), record))

	service := mustNewConfirmService(t, deps)
	_, err := service.Execute(context.Background(), Input{
		ChallengeID:     "challenge-1",
		Code:            "654321",
		ClientPublicKey: publicKeyString(),
		TimeZone:        confirmEmailCodeTimeZone,
	})
	require.Error(t, err)
	assert.Equal(t, shared.ErrorCodeInvalidCode, shared.CodeOf(err))

	updated, getErr := deps.challengeStore.Get(context.Background(), common.ChallengeID("challenge-1"))
	require.NoError(t, getErr)
	assert.Equal(t, 0, updated.Attempts.Confirm)
	assert.Equal(t, challenge.StatusDeliveryThrottled, updated.Status)
}