// Mock data
const mockFetch = require("node-fetch")
const { data } = require("./utilities/mock-data")
const issuer = "mockIssuer"
const sub = "mockSub"
const profile = {
  id: "mockId",
  _json: {
    email : data.email
  }
}
let jwtClaims = {}  
const idToken = "mockIdToken"
const params = {}

const callbackUrl = "http://somecallbackurl"

// response from .well-known/openid-configuration
const oidcConfigUrlResponse = {
  issuer: issuer,
  authorization_endpoint: "mockAuthorizationEndpoint",
  token_endpoint: "mockTokenEndpoint",
  userinfo_endpoint: "mockUserInfoEndpoint"
}

const oidcConfig = {
  configUrl: "http://someconfigurl",
  clientID: data.clientID,
  clientSecret: data.clientSecret,
}

const user = data.buildThirdPartyUser(issuer, "oidc", profile)

describe("oidc", () => {
  describe("strategyFactory", () => {  
    // mock passport strategy factory
    jest.mock("@techpass/passport-openidconnect")
    const mockStrategy = require("@techpass/passport-openidconnect").Strategy
    
    // mock the request to retrieve the oidc configuration
    mockFetch.mockReturnValue({
      ok: true,
      json: () => oidcConfigUrlResponse
    })
  
    it("should create successfully create an oidc strategy", async () => {
      const oidc = require("../oidc")
      const enrichedConfig = await oidc.fetchStrategyConfig(oidcConfig, callbackUrl)
      await oidc.strategyFactory(enrichedConfig, callbackUrl)
  
      expect(mockFetch).toHaveBeenCalledWith(oidcConfig.configUrl)

      const expectedOptions = {
        issuer: oidcConfigUrlResponse.issuer,
        authorizationURL: oidcConfigUrlResponse.authorization_endpoint,
        tokenURL: oidcConfigUrlResponse.token_endpoint,
        userInfoURL: oidcConfigUrlResponse.userinfo_endpoint,
        clientID: oidcConfig.clientID,
        clientSecret: oidcConfig.clientSecret,
        callbackURL: callbackUrl,
      }
      expect(mockStrategy).toHaveBeenCalledWith(
        expectedOptions,
        expect.anything()
      )
    })
  })
  
  describe("authenticate", () => {    
    afterEach(() => {
      jest.clearAllMocks()
    });

    // mock third party common authentication
    jest.mock("../third-party-common")
    const authenticateThirdParty = require("../third-party-common").authenticateThirdParty
    
    // mock the passport callback
    const mockDone = jest.fn()
    const mockSaveUserFn = jest.fn()

    async function doAuthenticate() {
      const oidc = require("../oidc")
      const authenticate = await oidc.buildVerifyFn(mockSaveUserFn)

      await authenticate(
        issuer,
        sub,
        profile,
        jwtClaims,
        data.accessToken,
        data.refreshToken,
        idToken,
        params,
        mockDone
      )
    }

    async function doTest() {
      await doAuthenticate()

      expect(authenticateThirdParty).toHaveBeenCalledWith(
        user,
        false, 
        mockDone,
        mockSaveUserFn,
      )
    }

    it("delegates authentication to third party common", async () => {
      await doTest()
    })

    it("uses JWT email to get email", async () => {
      delete profile._json.email
      jwtClaims = {
        email : "mock@budibase.com"
      }

      await doTest()
    })
  
    it("uses JWT username to get email", async () => {
      delete profile._json.email
      jwtClaims = {
        preferred_username : "mock@budibase.com"
      }

      await doTest()
    })

    it("uses JWT invalid username to get email", async () => {
      delete profile._json.email

      jwtClaims = {
        preferred_username : "invalidUsername"
      }

      await expect(doAuthenticate()).rejects.toThrow("Could not determine user email from profile");
    })
  
  })
})