package handler

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base64"
	"net/http"
	"net/http/httptest"
	"strings"
	"testing"

	"github.com/gin-gonic/gin"

	"wx_service/config"
	uploadservice "wx_service/internal/common/upload/service"
)

func TestUploadCallbackSuccess(t *testing.T) {
	t.Parallel()
	gin.SetMode(gin.TestMode)

	cfg := config.OSSConfig{AccessKey: "ak-test", SecretKey: "sk-test"}
	h := NewUploadHandler(uploadservice.NewUploadService(cfg))

	body := "key=uploads/test.png&hash=abc&fsize=12&mimeType=image%2Fpng"
	req := httptest.NewRequest(http.MethodPost, "/api/v1/common/upload/oss/callback", strings.NewReader(body))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Authorization", "QBox "+cfg.AccessKey+":"+signCallback(req.URL.Path+"\n"+body, cfg.SecretKey))
	w := httptest.NewRecorder()
	c, _ := gin.CreateTestContext(w)
	c.Request = req

	h.UploadCallback(c)

	if w.Code != http.StatusOK {
		t.Fatalf("status=%d, want=200, body=%s", w.Code, w.Body.String())
	}
	if !strings.Contains(w.Body.String(), `"code":200`) {
		t.Fatalf("unexpected response body: %s", w.Body.String())
	}
}

func TestUploadCallbackInvalidSignature(t *testing.T) {
	t.Parallel()
	gin.SetMode(gin.TestMode)

	cfg := config.OSSConfig{AccessKey: "ak-test", SecretKey: "sk-test"}
	h := NewUploadHandler(uploadservice.NewUploadService(cfg))

	body := "key=uploads/test.png&hash=abc"
	req := httptest.NewRequest(http.MethodPost, "/api/v1/common/upload/oss/callback", strings.NewReader(body))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Authorization", "QBox ak-test:bad-sign")
	w := httptest.NewRecorder()
	c, _ := gin.CreateTestContext(w)
	c.Request = req

	h.UploadCallback(c)

	if w.Code != http.StatusUnauthorized {
		t.Fatalf("status=%d, want=401, body=%s", w.Code, w.Body.String())
	}
}

func TestUploadCallbackMissingKey(t *testing.T) {
	t.Parallel()
	gin.SetMode(gin.TestMode)

	cfg := config.OSSConfig{AccessKey: "ak-test", SecretKey: "sk-test"}
	h := NewUploadHandler(uploadservice.NewUploadService(cfg))

	body := "hash=abc&fsize=12"
	req := httptest.NewRequest(http.MethodPost, "/api/v1/common/upload/oss/callback", strings.NewReader(body))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Authorization", "QBox "+cfg.AccessKey+":"+signCallback(req.URL.Path+"\n"+body, cfg.SecretKey))
	w := httptest.NewRecorder()
	c, _ := gin.CreateTestContext(w)
	c.Request = req

	h.UploadCallback(c)

	if w.Code != http.StatusBadRequest {
		t.Fatalf("status=%d, want=400, body=%s", w.Code, w.Body.String())
	}
}

func TestParseCallbackPayloadJSON(t *testing.T) {
	t.Parallel()
	raw := []byte(`{"key":"uploads/test.png","hash":"abc","fsize":321,"mimeType":"image/png"}`)
	got, err := parseCallbackPayload("application/json", raw)
	if err != nil {
		t.Fatalf("parseCallbackPayload: %v", err)
	}
	if got.Key != "uploads/test.png" || got.Hash != "abc" || got.Fsize != 321 {
		t.Fatalf("unexpected payload: %+v", got)
	}
}

func signCallback(signing, secret string) string {
	mac := hmac.New(sha1.New, []byte(secret))
	_, _ = mac.Write([]byte(signing))
	return base64.URLEncoding.WithPadding(base64.NoPadding).EncodeToString(mac.Sum(nil))
}