import { expect, test } from "@playwright/test";

test.describe("Authentication", () => {
  test.beforeEach(async ({ page }) => {
    // Mock OIDC configuration
    await page.route(
      "**/oidc/.well-known/openid-configuration",
      async (route) => {
        await route.fulfill({
          json: {
            issuer: "http://localhost:5000/oidc",
            authorization_endpoint: "http://localhost:5000/oidc/auth",
            token_endpoint: "http://localhost:5000/oidc/token",
            jwks_uri: "http://localhost:5000/oidc/jwks",
            response_types_supported: ["code"],
            subject_types_supported: ["public"],
            id_token_signing_alg_values_supported: ["RS256"],
          },
        });
      },
    );

    // Default mock for user profile
    await page.route("**/api/v1/user/me", async (route) => {
      await route.fulfill({
        json: {
          id: "admin-user",
          name: "Admin User",
          email: "admin@example.com",
          role: "super_admin",
        },
      });
    });
  });

  test("should redirect unauthorized users to login page", async ({ page }) => {
    await page.goto("/");
    // Should be redirected to /login
    await expect(page).toHaveURL(/\/login/);
    await expect(page.locator("h1")).toContainText("Baron SSO");
  });

  test("should allow access to dashboard when authenticated", async ({
    page,
  }) => {
    await page.addInitScript(() => {
      const authority = "http://localhost:5000/oidc";
      const client_id = "adminfront";
      const key = `oidc.user:${authority}:${client_id}`;
      const authData = {
        access_token: "fake-token",
        token_type: "Bearer",
        profile: {
          sub: "admin-user",
          name: "Admin User",
          email: "admin@example.com",
        },
        expires_at: Math.floor(Date.now() / 1000) + 3600,
      };
      window.localStorage.setItem(key, JSON.stringify(authData));
    });

    await page.goto("/");

    // Wait for the auth loading to finish
    await expect(page.locator(".animate-spin")).not.toBeVisible();

    // Should be on the dashboard/overview
    await expect(page.locator("aside")).toBeVisible();
    await expect(page.locator("h1")).toContainText(/Admin Control|운영 도구/);
  });

  test("should logout and redirect to login page", async ({ page }) => {
    // Start authenticated
    await page.addInitScript(() => {
      const authority = "http://localhost:5000/oidc";
      const client_id = "adminfront";
      const key = `oidc.user:${authority}:${client_id}`;
      const authData = {
        access_token: "fake-token",
        token_type: "Bearer",
        profile: { sub: "admin-user", name: "Admin" },
        expires_at: Math.floor(Date.now() / 1000) + 3600,
      };
      window.localStorage.setItem(key, JSON.stringify(authData));
    });

    await page.goto("/");

    // Wait for the auth loading to finish
    await expect(page.locator(".animate-spin")).not.toBeVisible();

    // Mock window.confirm
    page.on("dialog", (dialog) => dialog.accept());

    // Click logout button in the sidebar (use nav container to be specific)
    await page.click(
      'nav button:has-text("Logout"), nav button:has-text("로그아웃")',
    );

    await expect(page).toHaveURL(/\/login/);
  });
});