package oauth_test

import (
	"encoding/json"
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/mathiasbq/hyperguild/ingestion/internal/oauth"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

func TestMetadataHandler_ReturnsJSON(t *testing.T) {
	h := oauth.MetadataHandler("https://brain-mcp.d-ma.be")
	req := httptest.NewRequest(http.MethodGet, "/.well-known/oauth-authorization-server", nil)
	rr := httptest.NewRecorder()
	h.ServeHTTP(rr, req)

	assert.Equal(t, http.StatusOK, rr.Code)
	assert.Equal(t, "application/json", rr.Header().Get("Content-Type"))

	var body map[string]any
	require.NoError(t, json.Unmarshal(rr.Body.Bytes(), &body))
	assert.Equal(t, "https://brain-mcp.d-ma.be", body["issuer"])
	assert.Equal(t, "https://brain-mcp.d-ma.be/oauth/token", body["token_endpoint"])
	assert.ElementsMatch(t, []any{"client_credentials"}, body["grant_types_supported"])
	assert.ElementsMatch(t,
		[]any{"client_secret_post", "client_secret_basic"},
		body["token_endpoint_auth_methods_supported"])
}

func TestMetadataHandler_StripsTrailingSlashFromIssuer(t *testing.T) {
	h := oauth.MetadataHandler("https://brain-mcp.d-ma.be/")
	rr := httptest.NewRecorder()
	h.ServeHTTP(rr, httptest.NewRequest(http.MethodGet, "/.well-known/oauth-authorization-server", nil))
	var body map[string]any
	require.NoError(t, json.Unmarshal(rr.Body.Bytes(), &body))
	assert.Equal(t, "https://brain-mcp.d-ma.be", body["issuer"])
	assert.Equal(t, "https://brain-mcp.d-ma.be/oauth/token", body["token_endpoint"])
}