package com.label.integration;

import com.label.AbstractIntegrationTest;
import com.label.common.result.Result;
import com.label.dto.LoginRequest;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.web.client.TestRestTemplate;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.*;

import java.util.Map;

import static org.assertj.core.api.Assertions.assertThat;

/**
 * 璁よ瘉娴佺▼闆嗘垚娴嬭瘯锛圲S1锛夈€? *
 * 娴嬭瘯鍦烘櫙锛? * 1. 姝ｇ‘瀵嗙爜鐧诲綍 鈫?杩斿洖 token
 * 2. 閿欒瀵嗙爜鐧诲綍 鈫?401
 * 3. 涓嶅瓨鍦ㄧ殑鍏徃浠ｇ爜 鈫?401
 * 4. 鏈夋晥 Token 璁块棶 /api/auth/me 鈫?200锛岃繑鍥炵敤鎴蜂俊鎭? * 5. 涓诲姩閫€鍑哄悗锛屽師 Token 璁块棶 /api/auth/me 鈫?401
 *
 * 娴嬭瘯鏁版嵁鏉ヨ嚜 init.sql 绉嶅瓙锛圖EMO 鍏徃 / admin / admin123锛? */
public class AuthIntegrationTest extends AbstractIntegrationTest {

    @Autowired
    private TestRestTemplate restTemplate;

    // ------------------------------------------------------------------ 鐧诲綍娴嬭瘯 --

    @Test
    @DisplayName("姝ｇ‘瀵嗙爜鐧诲綍 鈫?杩斿洖 token")
    void login_withCorrectCredentials_returnsToken() {
        ResponseEntity<Map> response = doLogin("DEMO", "admin", "admin123");

        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);

        Map<?, ?> body = response.getBody();
        assertThat(body).isNotNull();
        assertThat(body.get("code")).isEqualTo("SUCCESS");

        @SuppressWarnings("unchecked")
        Map<String, Object> data = (Map<String, Object>) body.get("data");
        assertThat(data.get("token")).isNotNull().isInstanceOf(String.class);
        assertThat((String) data.get("token")).isNotBlank();
        assertThat(data.get("role")).isEqualTo("ADMIN");
    }

    @Test
    @DisplayName("閿欒瀵嗙爜鐧诲綍 鈫?401 Unauthorized")
    void login_withWrongPassword_returns401() {
        ResponseEntity<Map> response = doLogin("DEMO", "admin", "wrong_password");
        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
    }

    @Test
    @DisplayName("涓嶅瓨鍦ㄧ殑鍏徃浠ｇ爜 鈫?401 Unauthorized")
    void login_withUnknownCompany_returns401() {
        ResponseEntity<Map> response = doLogin("NONEXIST", "admin", "admin123");
        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
    }

    // ------------------------------------------------------------------ /me 娴嬭瘯 --

    @Test
    @DisplayName("鏈夋晥 Token 璁块棶 /api/auth/me 鈫?200锛岃繑鍥炵敤鎴蜂俊鎭?)
    void me_withValidToken_returns200WithUserInfo() {
        String token = loginAndGetToken("DEMO", "admin", "admin123");
        assertThat(token).isNotBlank();

        ResponseEntity<Map> response = restTemplate.exchange(
                baseUrl("/api/auth/me"),
                HttpMethod.GET,
                bearerRequest(token),
                Map.class);

        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);

        @SuppressWarnings("unchecked")
        Map<String, Object> data = (Map<String, Object>) response.getBody().get("data");
        assertThat(data.get("username")).isEqualTo("admin");
        assertThat(data.get("role")).isEqualTo("ADMIN");
        assertThat(data.get("companyId")).isNotNull();
    }

    @Test
    @DisplayName("鏃?Token 璁块棶 /api/auth/me 鈫?401")
    void me_withNoToken_returns401() {
        ResponseEntity<String> response = restTemplate.getForEntity(
                baseUrl("/api/auth/me"), String.class);
        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
    }

    // ------------------------------------------------------------------ 閫€鍑烘祴璇?--

    @Test
    @DisplayName("涓诲姩閫€鍑哄悗锛屽師 Token 璁块棶 /api/auth/me 鈫?401")
    void logout_thenMe_returns401() {
        String token = loginAndGetToken("DEMO", "admin", "admin123");
        assertThat(token).isNotBlank();

        // 纭鐧诲綍鏈夋晥
        ResponseEntity<Map> meResponse = restTemplate.exchange(
                baseUrl("/api/auth/me"),
                HttpMethod.GET,
                bearerRequest(token),
                Map.class);
        assertThat(meResponse.getStatusCode()).isEqualTo(HttpStatus.OK);

        // 閫€鍑?        ResponseEntity<Map> logoutResponse = restTemplate.exchange(
                baseUrl("/api/auth/logout"),
                HttpMethod.POST,
                bearerRequest(token),
                Map.class);
        assertThat(logoutResponse.getStatusCode()).isEqualTo(HttpStatus.OK);

        // 閫€鍑哄悗鍐嶈闂?/me 鈫?401
        ResponseEntity<Map> meAfterLogout = restTemplate.exchange(
                baseUrl("/api/auth/me"),
                HttpMethod.GET,
                bearerRequest(token),
                Map.class);
        assertThat(meAfterLogout.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
    }

    // ------------------------------------------------------------------ 宸ュ叿鏂规硶 --

    /** 鍙戣捣鐧诲綍璇锋眰锛岃繑鍥炲師濮?ResponseEntity */
    private ResponseEntity<Map> doLogin(String companyCode, String username, String password) {
        LoginRequest req = new LoginRequest();
        req.setCompanyCode(companyCode);
        req.setUsername(username);
        req.setPassword(password);
        return restTemplate.postForEntity(baseUrl("/api/auth/login"), req, Map.class);
    }

    /** 鐧诲綍骞舵彁鍙?token 瀛楃涓诧紱澶辫触鏃惰繑鍥?null */
    private String loginAndGetToken(String companyCode, String username, String password) {
        ResponseEntity<Map> response = doLogin(companyCode, username, password);
        if (!response.getStatusCode().is2xxSuccessful()) {
            return null;
        }
        @SuppressWarnings("unchecked")
        Map<String, Object> data = (Map<String, Object>) response.getBody().get("data");
        return (String) data.get("token");
    }

    /** 鏋勯€犲甫 Bearer Token 鐨勮姹傚疄浣擄紙鏃?body锛?*/
    private HttpEntity<Void> bearerRequest(String token) {
        HttpHeaders headers = new HttpHeaders();
        headers.set("Authorization", "Bearer " + token);
        return new HttpEntity<>(headers);
    }
}