require 'spec_helper'
require 'yaml'

describe SoarAuthenticationToken::TokenValidator do
  before :all do
    keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
    @valid_private_key,   @valid_public_key   = keypair_generator.generate
    @invalid_private_key, @invalid_public_key = keypair_generator.generate
    @test_identifier = 'a@b.co.za'
    @valid_generator_configuration = {
      'mode' => 'local',
      'private_key' => @valid_private_key
    }
    @invalid_generator_configuration = {
      'mode' => 'local',
      'private_key' => @invalid_private_key
    }
    @validator_configuration = {
      'mode' => 'local',
      'public_key' => @valid_public_key
    }
    @valid_generator = SoarAuthenticationToken::TokenGenerator.new(@valid_generator_configuration)
    @invalid_generator = SoarAuthenticationToken::TokenGenerator.new(@invalid_generator_configuration)
  end

  before :each do
    @iut = SoarAuthenticationToken::TokenValidator.new(@validator_configuration)
  end

  after :each do
  end

  it 'has a version number' do
    expect(SoarAuthenticationToken::VERSION).not_to be nil
  end

  context "when validating a token locally using the configured public key" do
    it 'should indicate valid if the token is valid' do
      token = @valid_generator.generate(authenticated_identifier: @test_identifier)
      token_validity, token_identifier = @iut.validate(token)
      expect(token_validity).to eq true
    end

    it 'should indicate invalid if the token is invalid' do
      token = @invalid_generator.generate(authenticated_identifier: @test_identifier)
      token_validity, token_identifier = @iut.validate(token)
      expect(token_validity).to eq false
    end

    it 'should provide the authenticated_identifier if the token is valid' do
      token = @valid_generator.generate(authenticated_identifier: @test_identifier)
      token_validity, token_identifier = @iut.validate(token)
      expect(token_identifier).to eq @test_identifier
    end

    it 'should not provide the authenticated_identifier if the token is invalid' do
      token = @invalid_generator.generate(authenticated_identifier: @test_identifier)
      token_validity, token_identifier = @iut.validate(token)
      expect(token_identifier).to eq nil
    end

    it 'should indicate as invalid tokens that are older than the configured expiry time' do
      #TODO
      #expect(true).to eq false
    end

    it 'should indicate as valid tokens that are not older than the configured expiry time' do
      #TODO
      #expect(true).to eq false
    end
  end

  context "when validating a token remotely using the configured url" do
    #TODO
  end
end