import uuid

import requests

from tests.conftest import BASE_URL


def _session():
    s = requests.Session()
    name = f"push_{uuid.uuid4().hex[:10]}"
    s.post(f"{BASE_URL}/auth/signup", data={
        "username": name,
        "email": f"{name}@test.dev",
        "password": "secret123",
        "confirm_password": "secret123",
    }, allow_redirects=True)
    return s


def test_public_key_endpoint(app_server):
    r = requests.get(f"{BASE_URL}/push.json")
    assert r.status_code == 200
    assert r.json().get("publicKey")


def test_register_requires_auth(app_server):
    r = requests.post(f"{BASE_URL}/push.json", json={
        "endpoint": "https://push.example.com/anon",
        "keys": {"p256dh": "key", "auth": "auth"},
    }, allow_redirects=False)
    assert r.status_code == 401


def test_register_success(app_server):
    s = _session()
    r = s.post(f"{BASE_URL}/push.json", json={
        "endpoint": "https://push.example.com/sub-1",
        "keys": {"p256dh": "p256dh_fake", "auth": "auth_fake"},
    })
    assert r.status_code == 200, r.text
    assert r.json().get("registered") is True


def test_register_missing_keys_rejected(app_server):
    s = _session()
    r = s.post(f"{BASE_URL}/push.json", json={"endpoint": "https://push.example.com/x"})
    assert r.status_code == 400


def test_register_invalid_json_rejected(app_server):
    s = _session()
    r = s.post(f"{BASE_URL}/push.json", data="not-json", headers={"Content-Type": "application/json"})
    assert r.status_code == 400


def test_service_worker_served(app_server):
    r = requests.get(f"{BASE_URL}/service-worker.js")
    assert r.status_code == 200
    assert r.headers.get("Service-Worker-Allowed") == "/"


def test_manifest_served(app_server):
    r = requests.get(f"{BASE_URL}/manifest.json")
    assert r.status_code == 200


def test_browser_base64_is_url_safe_unpadded():
    import base64
    from devplacepy import push
    encoded = push.browser_base64(b"\xff\xfe\x00 hello")
    assert "=" not in encoded
    assert "+" not in encoded and "/" not in encoded
    assert base64.urlsafe_b64decode(encoded + "==") == b"\xff\xfe\x00 hello"


def test_hkdf_returns_requested_length():
    from devplacepy import push
    derived = push.hkdf(b"input-key-material", b"salt", b"info", 16)
    assert isinstance(derived, bytes)
    assert len(derived) == 16


def test_public_key_standard_b64_non_empty():
    from devplacepy import push
    assert push.public_key_standard_b64()


def test_create_notification_authorization_is_jwt():
    from devplacepy import push
    token = push.create_notification_authorization("https://push.example.com/endpoint")
    assert token.count(".") == 2