require 'spec_helper'
require 'webmock/rspec'

describe SoarAuthenticationToken::TokenGenerator do
  before :all do
    keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
    @private_key, @public_key = keypair_generator.generate
    @test_authenticated_identifier = 'a@b.co.za'
  end

  before :each do
    @generator_configuration_local = {
      'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
      'private_key' => @private_key
    }
    @validator_configuration_local = {
      'provider' => 'SoarAuthenticationToken::JwtTokenValidator',
      'keys' => {
        'keyA' => {
          'public_key' => @public_key
        }
      }
    }
    @configuration_remote_generator = {
      'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
      'generator-url' => 'http://authentication-token-generator-service:9393/generate',
      'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
    }
    @configuration_remote_validator = {
      'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
      'validator-url' => 'http://authentication-token-validator-service:9393/validate',
    }

    @test_store = AuthTokenStoreProvider::StubClient.new
  end

  after :each do
  end

  after :all do
  end

  it 'has a version number' do
    expect(SoarAuthenticationToken::VERSION).not_to be nil
  end

  context "when generating a new token locally" do
    it 'should generate the token locally using configured private key' do
      @iut = SoarAuthenticationToken::TokenGenerator.new(@generator_configuration_local)
      @iut.inject_store_provider(@test_store)
      @validator = SoarAuthenticationToken::TokenValidator.new(@validator_configuration_local)
      @validator.inject_store_provider(@test_store)

      token, token_generator_meta = @iut.generate(authenticated_identifier: @test_authenticated_identifier, flow_identifier: 'test-flow-id')
      token_validity, token_validator_meta = @validator.validate(authentication_token: token, request_information: request_information_from_valid_source, flow_identifier: 'test-flow-id')
      expect(token_validity).to eq(true)
      expect(token_validator_meta['authenticated_identifier']).to eq(@test_authenticated_identifier)
    end
  end

  context "when generating a new token remotely" do
    it 'should request the token from the configured remote service' do
      stub_response_body = {'status' => 'success', 'data' => { 'token' => 'abc' }}.to_json
      stub_request(:post, "http://authentication-token-generator-service:9393/generate?flow_identifier=test-flow-id").
        with(body: "{\"authenticated_identifier\":\"a@b.co.za\"}",
             headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'Authorization'=>'test_ecosystem_token_for_auth_token_aaapi_authenticator_service', 'User-Agent'=>'Ruby'}).
        to_return(status: 200, body: stub_response_body, headers: {})

      @iut = SoarAuthenticationToken::TokenGenerator.new(@configuration_remote_generator)
      @iut.inject_store_provider(@test_store)
      token, token_generator_meta = @iut.generate(authenticated_identifier: @test_authenticated_identifier, flow_identifier: 'test-flow-id')
      expect(token).to eq('abc')
    end
  end

  context 'given invalid token generator url that will result in timeouts' do
    let!(:invalid_generator_configuration) {{
      'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
      'generator-url' => 'http://auth-token-generator.auto-h.net/generate',
      'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
    }}
    let!(:iut) { SoarAuthenticationToken::TokenGenerator.new(invalid_generator_configuration) }
    it 'raise error after attempt that timeout has occured' do
      stub_request(:post, "http://auth-token-generator.auto-h.net/generate?flow_identifier=test-flow-id").
        with(body: "{\"authenticated_identifier\":\"a@b.co.za\"}",
             headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'Authorization'=>'test_ecosystem_token_for_auth_token_aaapi_authenticator_service', 'User-Agent'=>'Ruby'}).
        to_timeout.times(2)
      expect{
        iut.generate(authenticated_identifier: @test_authenticated_identifier, flow_identifier: 'test-flow-id')
      }.to raise_error Timeout::Error
    end
    it 'by default attempts 2 times with 3 second timeout' do
       stub_request(:post, "http://auth-token-generator.auto-h.net/generate?flow_identifier=test-flow-id").
         with(body: "{\"authenticated_identifier\":\"a@b.co.za\"}",
              headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'Authorization'=>'test_ecosystem_token_for_auth_token_aaapi_authenticator_service', 'User-Agent'=>'Ruby'}).
         to_timeout.times(2)
      expect{
        iut.generate(authenticated_identifier: @test_authenticated_identifier, flow_identifier: 'test-flow-id')
      }.to raise_error Timeout::Error
    end
  end
end