package hyperswitch

import (
	"crypto/hmac"
	"crypto/sha512"
	"encoding/hex"
	"testing"
)

func TestVerifyWebhookSignature(t *testing.T) {
	secret := "test_webhook_secret"
	payload := []byte(`{"payment_id":"pay_123","status":"succeeded"}`)
	mac := hmac.New(sha512.New, []byte(secret))
	mac.Write(payload)
	validSig := hex.EncodeToString(mac.Sum(nil))

	t.Run("valid signature", func(t *testing.T) {
		err := VerifyWebhookSignature(payload, validSig, secret)
		if err != nil {
			t.Errorf("expected nil, got %v", err)
		}
	})

	t.Run("invalid signature", func(t *testing.T) {
		err := VerifyWebhookSignature(payload, "invalid_sig", secret)
		if err == nil {
			t.Error("expected error for invalid signature")
		}
	})

	t.Run("empty secret", func(t *testing.T) {
		err := VerifyWebhookSignature(payload, validSig, "")
		if err == nil {
			t.Error("expected error when secret is empty")
		}
	})

	t.Run("empty signature header", func(t *testing.T) {
		err := VerifyWebhookSignature(payload, "", secret)
		if err == nil {
			t.Error("expected error when signature header is empty")
		}
	})
}