import pytest

from tests.util import decode_response

from .oauth1_server import Client
from .oauth1_server import User
from .oauth1_server import create_authorization_server


@pytest.fixture(autouse=True)
def user(db):
    user = User(username="foo")
    db.session.add(user)
    db.session.commit()
    yield user
    db.session.delete(user)


@pytest.fixture(autouse=True)
def client(db, user):
    client = Client(
        user_id=user.id,
        client_id="client",
        client_secret="secret",
        default_redirect_uri="https://client.test",
    )
    db.session.add(client)
    db.session.commit()
    yield client
    db.session.delete(client)


@pytest.mark.parametrize("use_cache", [True, False])
def test_invalid_authorization(app, test_client, use_cache):
    create_authorization_server(app, use_cache, use_cache)
    url = "/oauth/authorize"

    # case 1
    rv = test_client.post(url, data={"user_id": "1"})
    data = decode_response(rv.data)
    assert data["error"] == "missing_required_parameter"
    assert "oauth_token" in data["error_description"]

    # case 2
    rv = test_client.post(url, data={"user_id": "1", "oauth_token": "a"})
    data = decode_response(rv.data)
    assert data["error"] == "invalid_token"


@pytest.mark.parametrize("use_cache", [True, False])
def test_authorize_denied(app, test_client, use_cache):
    create_authorization_server(app, use_cache, use_cache)
    initiate_url = "/oauth/initiate"
    authorize_url = "/oauth/authorize"

    rv = test_client.post(
        initiate_url,
        data={
            "oauth_consumer_key": "client",
            "oauth_callback": "oob",
            "oauth_signature_method": "PLAINTEXT",
            "oauth_signature": "secret&",
        },
    )
    data = decode_response(rv.data)
    assert "oauth_token" in data

    rv = test_client.post(authorize_url, data={"oauth_token": data["oauth_token"]})
    assert rv.status_code == 302
    assert "access_denied" in rv.headers["Location"]
    assert "https://client.test" in rv.headers["Location"]

    rv = test_client.post(
        initiate_url,
        data={
            "oauth_consumer_key": "client",
            "oauth_callback": "https://i.test",
            "oauth_signature_method": "PLAINTEXT",
            "oauth_signature": "secret&",
        },
    )
    data = decode_response(rv.data)
    assert "oauth_token" in data

    rv = test_client.post(authorize_url, data={"oauth_token": data["oauth_token"]})
    assert rv.status_code == 302
    assert "access_denied" in rv.headers["Location"]
    assert "https://i.test" in rv.headers["Location"]


@pytest.mark.parametrize("use_cache", [True, False])
def test_authorize_granted(app, test_client, use_cache):
    create_authorization_server(app, use_cache, use_cache)
    initiate_url = "/oauth/initiate"
    authorize_url = "/oauth/authorize"

    rv = test_client.post(
        initiate_url,
        data={
            "oauth_consumer_key": "client",
            "oauth_callback": "oob",
            "oauth_signature_method": "PLAINTEXT",
            "oauth_signature": "secret&",
        },
    )
    data = decode_response(rv.data)
    assert "oauth_token" in data

    rv = test_client.post(
        authorize_url, data={"user_id": "1", "oauth_token": data["oauth_token"]}
    )
    assert rv.status_code == 302
    assert "oauth_verifier" in rv.headers["Location"]
    assert "https://client.test" in rv.headers["Location"]

    rv = test_client.post(
        initiate_url,
        data={
            "oauth_consumer_key": "client",
            "oauth_callback": "https://i.test",
            "oauth_signature_method": "PLAINTEXT",
            "oauth_signature": "secret&",
        },
    )
    data = decode_response(rv.data)
    assert "oauth_token" in data

    rv = test_client.post(
        authorize_url, data={"user_id": "1", "oauth_token": data["oauth_token"]}
    )
    assert rv.status_code == 302
    assert "oauth_verifier" in rv.headers["Location"]
    assert "https://i.test" in rv.headers["Location"]