/**
 * Authentication unit tests
 */

import { describe, it, expect } from 'vitest';
import { generateAuthorization } from '../../src/auth';

describe('generateAuthorization', () => {
  const apiKey = 'sandbox-api-key';
  const secretKey = 'sandbox-secret-key';
  const uriPath = '/payment/bin/check';

  it('should generate authorization header with request body', () => {
    const requestBody = { binNumber: '589004', locale: 'tr' };
    const result = generateAuthorization(apiKey, secretKey, uriPath, requestBody);

    expect(result.authorization).toMatch(/^IYZWSv2 /);
    expect(result.randomKey).toBeTruthy();
    expect(result.randomKey.length).toBeGreaterThan(0);
  });

  it('should generate authorization header without request body', () => {
    const result = generateAuthorization(apiKey, secretKey, uriPath);

    expect(result.authorization).toMatch(/^IYZWSv2 /);
    expect(result.randomKey).toBeTruthy();
  });

  it('should generate different random keys for each call', () => {
    const result1 = generateAuthorization(apiKey, secretKey, uriPath);
    const result2 = generateAuthorization(apiKey, secretKey, uriPath);

    expect(result1.randomKey).not.toBe(result2.randomKey);
  });

  it('should use provided random key when given', () => {
    const customRandomKey = '123456789';
    const result = generateAuthorization(apiKey, secretKey, uriPath, undefined, customRandomKey);

    expect(result.randomKey).toBe(customRandomKey);
  });

  it('should generate valid base64 encoded authorization', () => {
    const result = generateAuthorization(apiKey, secretKey, uriPath);
    const base64Part = result.authorization.replace('IYZWSv2 ', '');

    // Base64 should be valid (only contains A-Z, a-z, 0-9, +, /, =)
    expect(base64Part).toMatch(/^[A-Za-z0-9+/=]+$/);
  });

  it('should include apiKey, randomKey, and signature in authorization string', () => {
    const customRandomKey = '123456789';
    const result = generateAuthorization(apiKey, secretKey, uriPath, undefined, customRandomKey);
    const base64Part = result.authorization.replace('IYZWSv2 ', '');
    const decoded = Buffer.from(base64Part, 'base64').toString('utf-8');

    expect(decoded).toContain(`apiKey:${apiKey}`);
    expect(decoded).toContain(`randomKey:${customRandomKey}`);
    expect(decoded).toContain('signature:');
  });
});