require_relative "spec_helper"

module Nyara
  describe Session do
    context ".encode_set_cookie options" do
      before :all do
        @session = Session.new
        @session['hello'] = 'world'
      end

      it "is HttpOnly" do
        Session.init
        line = Session.encode_set_cookie @session, false
        assert_includes line, '; HttpOnly'
      end

      it "adds Secure" do
        init_configure_with :session, :secure, true
        line = Session.encode_set_cookie @session, false
        assert_includes line, '; Secure'

        init_configure_with :session, :secure, false
        line = Session.encode_set_cookie @session, true
        assert_not_include line, 'Secure'

        init_configure_with :session, :secure, nil
        line = Session.encode_set_cookie @session, true
        assert_includes line, '; Secure'
        line = Session.encode_set_cookie @session, false
        assert_not_include line, 'Secure'
      end

      it "adds Expires" do
        init_configure_with :session, :expire, nil
        line = Session.encode_set_cookie @session, false
        assert_not_include line, 'Expires'

        init_configure_with :session, :expires, 30 * 60
        line = Session.encode_set_cookie @session, false
        assert_includes line, '; Expires='
      end

      it "raises for unkown keys" do
        assert_raise RuntimeError do
          init_configure_with :session, :ciphre_key, 'adsf'
        end
      end

      def init_configure_with *options
        Config.configure do
          reset
          set *options
        end
        Session.init
      end
    end

    context "no cipher" do
      before :all do
        Config.configure do
          reset
          set 'session', 'cipher_key', nil
        end
        Session.init
      end

      it "should encode and decode" do
        cookie = {}
        session = Session.new
        session['hello'] = 'world'
        Session.encode_to_cookie session, cookie

        session_data = cookie[Session.name].split('/')[1]
        assert_includes Base64.urlsafe_decode64(session_data), 'world'

        session2 = Session.decode cookie
        assert_equal 'world', session2[:hello]
      end

      it "drops bad signature" do
        cookie = {}
        session = Session.new
        session['hello'] = 'world'
        Session.encode_to_cookie session, cookie

        cookie[Session.name].sub!(/\w/, &:swapcase)

        session = Session.decode cookie
        assert_empty session
      end
    end

    context "with cipher" do
      before :all do
        Config.configure do
          reset
          set 'session', 'cipher_key', "some cipher key"
        end
        Session.init
      end

      it "encode and decode" do
        cookie = {}
        session = Session.new
        session['hello'] = 'world'
        Session.encode_to_cookie session, cookie

        session_data = cookie[Session.name].split('/')[1]
        if session_data
          assert_not_include Base64.urlsafe_decode64(session_data), 'world'
        end

        session2 = Session.decode cookie
        assert_equal 'world', session2[:hello]
      end

      it "cipher should not be pure" do
        message = 'OCB is by far the best mode, as it allows encryption and authentication in a single pass. However there are patents on it in USA.'
        r1 = Session.cipher message
        r2 = Session.cipher message
        assert_not_equal r1, r2
      end

      it "decipher returns blank str when message too short" do
        r = Session.decipher Base64.urlsafe_encode64 'short one'
        assert_empty r
        r = Session.decipher Base64.urlsafe_encode64 's' * (256/8)
        assert_empty r
      end
    end
  end
end