package internalhttp

import (
	"bytes"
	"context"
	"net/http"
	"testing"
	"time"

	"galaxy/authsession/internal/service/blockuser"
	"galaxy/authsession/internal/service/getsession"
	"galaxy/authsession/internal/service/listusersessions"
	"galaxy/authsession/internal/service/revokeallusersessions"
	"galaxy/authsession/internal/service/revokedevicesession"
	"galaxy/authsession/internal/service/shared"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

func TestNewServerRejectsInvalidConfiguration(t *testing.T) {
	t.Parallel()

	cfg := DefaultConfig()
	cfg.Addr = ""

	_, err := NewServer(cfg, validDependencies())

	require.Error(t, err)
	assert.Contains(t, err.Error(), "addr")
}

func TestServerRunAndShutdown(t *testing.T) {
	t.Parallel()

	cfg := DefaultConfig()
	cfg.Addr = "127.0.0.1:0"

	server, err := NewServer(cfg, validDependencies())
	require.NoError(t, err)

	runErr := make(chan error, 1)
	go func() {
		runErr <- server.Run(context.Background())
	}()

	require.Eventually(t, func() bool {
		server.stateMu.RLock()
		defer server.stateMu.RUnlock()
		return server.listener != nil
	}, time.Second, 10*time.Millisecond)

	server.stateMu.RLock()
	addr := server.listener.Addr().String()
	server.stateMu.RUnlock()

	response, err := http.Post(
		"http://"+addr+"/api/v1/internal/sessions/device-session-123/revoke",
		"application/json",
		bytes.NewBufferString(`{"reason_code":"admin_revoke","actor":{"type":"system"}}`),
	)
	require.NoError(t, err)
	defer response.Body.Close()

	assert.Equal(t, http.StatusOK, response.StatusCode)

	shutdownCtx, cancel := context.WithTimeout(context.Background(), time.Second)
	defer cancel()
	require.NoError(t, server.Shutdown(shutdownCtx))
	require.NoError(t, <-runErr)
}

func validDependencies() Dependencies {
	return Dependencies{
		GetSession: getSessionFunc(func(context.Context, getsession.Input) (getsession.Result, error) {
			return getsession.Result{Session: validSessionDTO()}, nil
		}),
		ListUserSessions: listUserSessionsFunc(func(context.Context, listusersessions.Input) (listusersessions.Result, error) {
			return listusersessions.Result{Sessions: []shared.Session{validSessionDTO()}}, nil
		}),
		RevokeDeviceSession: revokeDeviceSessionFunc(func(context.Context, revokedevicesession.Input) (revokedevicesession.Result, error) {
			return revokedevicesession.Result{
				Outcome:              "revoked",
				DeviceSessionID:      "device-session-123",
				AffectedSessionCount: 1,
			}, nil
		}),
		RevokeAllUserSessions: revokeAllUserSessionsFunc(func(context.Context, revokeallusersessions.Input) (revokeallusersessions.Result, error) {
			return revokeallusersessions.Result{
				Outcome:                  "revoked",
				UserID:                   "user-123",
				AffectedSessionCount:     1,
				AffectedDeviceSessionIDs: []string{"device-session-123"},
			}, nil
		}),
		BlockUser: blockUserFunc(func(context.Context, blockuser.Input) (blockuser.Result, error) {
			return blockuser.Result{
				Outcome:                  "blocked",
				SubjectKind:              blockuser.SubjectKindEmail,
				SubjectValue:             "pilot@example.com",
				AffectedSessionCount:     0,
				AffectedDeviceSessionIDs: []string{},
			}, nil
		}),
	}
}