const Q = require('q')
const fixture = require('./fixture')
const request = require('request')
const io = require('socket.io-client')

describe('authorizer', () => {
  //start and stop the server
  before((done) => {
    fixture.start({}, done)
  })
  after(fixture.stop)

  describe('when the user is not logged in', () => {
    it('should emit error with unauthorized handshake', (done) => {
      const socket = io.connect('http://localhost:9000?token=boooooo', {
        forceNew: true
      })

      socket.on('error', (err) => {
        err.message.should.eql('jwt malformed')
        err.code.should.eql('invalid_token')
        socket.close()
        done()
      })
    })
  })

  describe('when the user is logged in', () => {
    before((done) => {
      request.post(
        {
          url: 'http://localhost:9000/login',
          form: { username: 'jose', password: 'Pa123' },
          json: true
        },
        (err, resp, body) => {
          this.token = body.token
          done()
        }
      )
    })

    describe('authorizer disallows query string token when specified in startup options', () => {
      before((done) => {
        Q.ninvoke(fixture, 'stop')
          .then(() =>
            Q.ninvoke(fixture, 'start', { auth_header_required: true })
          )
          .done(done)
      })

      after((done) => {
        Q.ninvoke(fixture, 'stop')
          .then(() => Q.ninvoke(fixture, 'start', {}))
          .done(done)
      })

      it('auth headers are supported', (done) => {
        const socket = io.connect('http://localhost:9000', {
          forceNew: true,
          extraHeaders: { Authorization: 'Bearer ' + this.token }
        })

        socket
          .on('connect', () => {
            socket.close()
            done()
          })
          .on('error', done)
      })

      it('auth token in query string is disallowed', (done) => {
        const socket = io.connect('http://localhost:9000', {
          forceNew: true,
          query: 'token=' + this.token
        })

        socket.on('error', (err) => {
          err.message.should.eql('Server requires Authorization Header')
          err.code.should.eql('missing_authorization_header')
          socket.close()
          done()
        })
      })
    })

    describe('authorizer all auth types allowed', () => {
      before((done) => {
        Q.ninvoke(fixture, 'stop')
          .then(() => Q.ninvoke(fixture, 'start', {}))
          .done(done)
      })

      it('auth headers are supported', (done) => {
        const socket = io.connect('http://localhost:9000', {
          forceNew: true,
          extraHeaders: { Authorization: 'Bearer ' + this.token }
        })

        socket
          .on('connect', () => {
            socket.close()
            done()
          })
          .on('error', done)
      })

      it('should do the handshake and connect', (done) => {
        const socket = io.connect('http://localhost:9000', {
          forceNew: true,
          query: 'token=' + this.token
        })

        socket
          .on('connect', () => {
            socket.close()
            done()
          })
          .on('error', done)
      })
    })
  })

  describe('unsigned token', () => {
    beforeEach(() => {
      this.token =
        'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.'
    })

    it('should not do the handshake and connect', (done) => {
      const socket = io.connect('http://localhost:9000', {
        forceNew: true,
        query: 'token=' + this.token
      })

      socket
        .on('connect', () => {
          socket.close()
          done(new Error('this shouldnt happen'))
        })
        .on('error', (err) => {
          socket.close()
          err.message.should.eql('jwt signature is required')
          done()
        })
    })
  })
})