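package at.asitplus.eidas.specific.modules.auth.idaustria.test.utils;

import java.io.IOException;
import java.io.InputStream;
import java.time.Instant;
import java.time.temporal.ChronoUnit;

import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.core.xml.io.UnmarshallingException;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.health.Health;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.w3c.dom.Element;

import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.idaustria.IdAustriaAuthConstants;
import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthHealthCheck;
import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthMetadataProvider;
import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
import net.shibboleth.utilities.java.support.resolver.ResolverException;
import net.shibboleth.utilities.java.support.xml.SerializeSupport;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
import okhttp3.HttpUrl;
import okhttp3.mockwebserver.MockResponse;
import okhttp3.mockwebserver.MockWebServer;

/**
 * Tests the {@link Health} status reported by {@link IdAustriaAuthHealthCheck} for three
 * configurations of the ID Austria metadata URL: not configured, pointing at a mock server
 * that serves freshly signed metadata, and pointing at a URL that serves nothing.
 *
 * <p>NOTE(review): only one positive metadata case is exercised here. Metadata that is
 * unsigned, expired or signed with a different credential is not covered in this class;
 * confirm that those rejection paths are pinned by tests elsewhere.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = {
    "/spring/SpringTest-context_basic_test.xml",
    "/spring/SpringTest-context_basic_mapConfig.xml" })
public class IdAustriaAuthHealthCheckTest {

  /** Resource that the classpath fixture is loaded from; it carries no signature. */
  private static final String UNSIGNED_METADATA_FIXTURE = "/data/idp_metadata_no_sig.xml";

  @Autowired
  private IdAustriaAuthHealthCheck toCheck;
  @Autowired
  protected MsConnectorDummyConfigMap config;
  @Autowired
  private IPvp2CredentialProvider credentialProvider;
  @Autowired
  IdAustriaAuthMetadataProvider provider;

  private static MockWebServer mockWebServer;
  private static HttpUrl mockServerUrl;

  /**
   * JUnit class initializer.
   *
   * @throws Exception In case of an OpenSAML3 initialization error
   */
  @BeforeClass
  public static void classInitializer() throws Exception {
    EaafOpenSaml3xInitializer.eaafInitialize();

    mockWebServer = new MockWebServer();
    mockServerUrl = mockWebServer.url("/sp/metadata");
  }

  /**
   * Stops the mock HTTP server once all tests of this class have run, so that its listening
   * socket does not stay open for the remainder of the test JVM.
   *
   * @throws IOException if the server cannot be shut down
   */
  @AfterClass
  public static void classCleanup() throws IOException {
    // Null when classInitializer failed before the server was created.
    if (mockWebServer != null) {
      mockWebServer.shutdown();
    }
  }

  /** Without a configured metadata URL the health check must report {@code UNKNOWN}. */
  @Test
  public void notActive() {
    // set-up test
    config.putConfigValue(IdAustriaAuthConstants.CONFIG_PROPS_IDAUSTRIA_METADATAURL, null);

    // perform check
    Health status = toCheck.health();

    // evaluate status
    Assert.assertEquals("wrong status",
        Health.unknown().build().getStatus(), status.getStatus());
  }

  /**
   * With the metadata URL pointing at the mock server and one signed metadata response
   * queued there, the health check must report {@code UP}.
   */
  @Test
  public void success() throws SamlSigningException, CredentialsNotAvailableException,
      XMLParserException, UnmarshallingException, MarshallingException, IOException {
    // set-up test
    config.putConfigValue(IdAustriaAuthConstants.CONFIG_PROPS_IDAUSTRIA_METADATAURL,
        mockServerUrl.url().toString());
    injectValidHttpMetadata(mockServerUrl.url().toString());

    // perform check
    Health status = toCheck.health();

    // evaluate status
    Assert.assertEquals("wrong status",
        Health.up().build().getStatus(), status.getStatus());
  }

  /**
   * With the provider cleared and the metadata URL pointing at an address outside the mock
   * server, the health check must report {@code OUT_OF_SERVICE}.
   */
  @Test
  public void invalid() throws SamlSigningException, CredentialsNotAvailableException,
      XMLParserException, UnmarshallingException, MarshallingException, ResolverException {
    // set-up test
    provider.clear();
    // NOTE(review): relies on nothing answering with usable metadata on localhost:1234;
    // confirm that this holds on the build hosts.
    config.putConfigValue(IdAustriaAuthConstants.CONFIG_PROPS_IDAUSTRIA_METADATAURL,
        "http://localhost:1234/junit/metadata");

    // perform check
    Health status = toCheck.health();

    // evaluate status
    Assert.assertEquals("wrong status",
        Health.outOfService().build().getStatus(), status.getStatus());
  }

  /**
   * Queues one HTTP 200 response on the mock server whose body is the classpath metadata
   * fixture, re-stamped and signed for this test run.
   *
   * <p>The fixture is given a {@code validUntil} one day ahead and the passed entityID, then
   * signed with the metadata signing credential of the autowired credential provider.
   * Presumably the metadata provider under test validates that signature and the validity
   * window; this class does not assert either directly.
   *
   * @param dynEntityId entityID to set on the served metadata
   * @return the entityID that was passed in
   * @throws IOException if closing the fixture stream fails
   */
  private String injectValidHttpMetadata(String dynEntityId)
      throws XMLParserException, UnmarshallingException, MarshallingException,
      SamlSigningException, CredentialsNotAvailableException, IOException {
    final EntityDescriptor metadata;
    try (InputStream fixture =
        IdAustriaAuthHealthCheckTest.class.getResourceAsStream(UNSIGNED_METADATA_FIXTURE)) {
      // Fail with a clear message instead of an opaque parser error on a missing fixture.
      Assert.assertNotNull(
          "test fixture " + UNSIGNED_METADATA_FIXTURE + " not found on classpath", fixture);
      metadata = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
          XMLObjectProviderRegistrySupport.getParserPool(), fixture);
    }

    metadata.setValidUntil(Instant.now().plus(1, ChronoUnit.DAYS));
    // Drop any signature object before changing the entityID and signing again.
    metadata.setSignature(null);
    metadata.setEntityID(dynEntityId);
    Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true);

    final Element metadataElement = XMLObjectSupport.marshall(metadata);
    // NOTE(review): the body is SAML metadata XML but is served as text/html; presumably the
    // metadata provider does not check the Content-Type - confirm that this is intended.
    mockWebServer.enqueue(new MockResponse().setResponseCode(200)
        .setBody(SerializeSupport.nodeToString(metadataElement))
        .setHeader("Content-Type", "text/html;charset=utf-8"));

    return dynEntityId;
  }
}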