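using Microsoft.AspNetCore.Http;
using Moq;
using NUnit.Framework;

namespace eSuite.API.UnitTests.SingleSignOn.CookieManager;

/// <summary>
/// Tests for <c>CreateSsoIdCookie</c> on the cookie manager supplied by
/// <see cref="CookieManagerTestBase"/>. They pin the security attributes of the
/// SSO provider cookie so that a regression in any of them fails the build.
/// </summary>
[TestFixture]
public class CreateSsoIdCookieUnitTests : CookieManagerTestBase
{
    // Name of the cookie the manager is expected to write.
    private const string SsoIdCookieName = "eSuiteSsoProvider";

    /// <summary>
    /// Runs the shared fixture setup from the base class before every test.
    /// </summary>
    [SetUp]
    public override async Task Setup()
    {
        await base.Setup();
    }

    /// <summary>
    /// Verifies that the cookie is written to the response with the SSO id as its
    /// value and with the expected hardening options.
    /// </summary>
    [Test]
    public async Task CreateSsoIdCookie_WhenCalled_AddsCookieToResponseWithCorrectSettings()
    {
        //Arrange
        var cookies = new FakeResponseCookies();

        // Moq has no publicly constructible non-generic Mock, so the mocked type must be named.
        // NOTE(review): HttpResponse is inferred from the Cookies getter set up below and from
        // the Microsoft.AspNetCore.Http using; confirm against the CreateSsoIdCookie signature.
        var httpResponseMock = new Mock<HttpResponse>();
        httpResponseMock.SetupGet(x => x.Cookies).Returns(cookies);

        var ssoId = 12345;

        //Act
        await _cookieManager.CreateSsoIdCookie(httpResponseMock.Object, ssoId);

        //Assert
        // Look the cookie up once; every assertion below inspects the same entry.
        var cookie = cookies.CookieDictionary[SsoIdCookieName];
        Assert.That(cookie, Is.Not.Null);
        Assert.That(cookie.Value, Is.EqualTo(ssoId.ToString()));

        var cookieOptions = cookie.CookieOptions!;

        // Not a session cookie, so it can persist between browser sessions.
        // NOTE(review): only the presence of an expiry is checked; the lifetime itself is not bounded here.
        Assert.That(cookieOptions.Expires, Is.Not.Null);

        // Nothing on the client needs to read it, so keep it out of reach of page script.
        Assert.That(cookieOptions.HttpOnly, Is.True);

        // Marked essential, so cookie-consent policy checks may be bypassed for it.
        Assert.That(cookieOptions.IsEssential, Is.True);

        // Must only ever be sent over HTTPS.
        Assert.That(cookieOptions.Secure, Is.True);

        // Don't allow cross-site requests to include the cookie.
        Assert.That(cookieOptions.SameSite, Is.EqualTo(SameSiteMode.Strict));

        // Applies to the whole site rather than a sub-path.
        Assert.That(cookieOptions.Path, Is.EqualTo("/"));
    }
}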