package services

import (
	"testing"

	"github.com/google/uuid"
	"go.uber.org/zap"
)

func TestNewWebAuthnService(t *testing.T) {
	logger := zap.NewNop()
	svc := NewWebAuthnService(nil, logger, "", "")
	if svc.rpID != "localhost" {
		t.Errorf("expected default rpID 'localhost', got %q", svc.rpID)
	}
	if svc.rpName != "Veza" {
		t.Errorf("expected default rpName 'Veza', got %q", svc.rpName)
	}

	svc2 := NewWebAuthnService(nil, logger, "veza.fr", "Veza Platform")
	if svc2.rpID != "veza.fr" {
		t.Errorf("expected rpID 'veza.fr', got %q", svc2.rpID)
	}
}

func TestWebAuthnChallengeGeneration(t *testing.T) {
	logger := zap.NewNop()
	// Without DB, BeginRegistration will still generate challenge and options
	svc := NewWebAuthnService(nil, logger, "veza.fr", "Veza")

	userID := uuid.New()
	challenge, options, err := svc.BeginRegistration(nil, userID, "testuser")
	if err != nil {
		t.Fatalf("unexpected error: %v", err)
	}
	if challenge.Challenge == "" {
		t.Error("expected non-empty challenge")
	}
	if challenge.Type != "registration" {
		t.Errorf("expected type 'registration', got %q", challenge.Type)
	}
	if options == nil {
		t.Error("expected non-nil options")
	}
	// Check RP info in options
	rp, ok := options["rp"].(map[string]string)
	if !ok {
		t.Fatal("expected rp map in options")
	}
	if rp["id"] != "veza.fr" {
		t.Errorf("expected rp.id 'veza.fr', got %q", rp["id"])
	}
}

func TestWebAuthnFinishRegistrationValidation(t *testing.T) {
	logger := zap.NewNop()
	svc := NewWebAuthnService(nil, logger, "localhost", "Veza")

	// Empty credential should fail
	_, err := svc.FinishRegistration(nil, uuid.New(), nil, nil, nil, "none", "")
	if err == nil {
		t.Error("expected error for empty credential data")
	}

	_, err = svc.FinishRegistration(nil, uuid.New(), []byte("cred"), nil, nil, "none", "")
	if err == nil {
		t.Error("expected error for empty public key")
	}
}