import { tap, expect } from '@push.rocks/tapbundle';
import { SmartAcme, certmanagers } from '../ts/index.js';
import { Http01MemoryHandler } from '../ts/handlers/Http01MemoryHandler.js';

// Test that HTTP-01 only configuration works without wildcard certificates
tap.test('HTTP-01 only configuration should work for regular domains', async () => {
  const memHandler = new Http01MemoryHandler();
  
  // Stub the domain support check to always return true for testing
  memHandler.checkWetherDomainIsSupported = async () => true;
  
  const smartAcmeInstance = new SmartAcme({
    accountEmail: 'test@example.com',
    certManager: new certmanagers.MemoryCertManager(),
    environment: 'integration',
    retryOptions: {},
    challengeHandlers: [memHandler],
    challengePriority: ['http-01'],
  });
  
  // Stub the start method to avoid actual ACME connections
  smartAcmeInstance.start = async () => {
    smartAcmeInstance.certmatcher = {
      getCertificateDomainNameByDomainName: (domain: string) => domain.replace('*.', '')
    } as any;
    smartAcmeInstance.interestMap = {
      checkInterest: async () => false,
      addInterest: async () => ({ interestFullfilled: new Promise(() => {}) } as any)
    } as any;
    await smartAcmeInstance.certmanager.init();
  };
  await smartAcmeInstance.start();
  
  // Stub the core certificate methods to avoid actual ACME calls
  smartAcmeInstance.client = {
    createOrder: async (orderPayload: any) => {
      // Verify no wildcard is included in default request
      const identifiers = orderPayload.identifiers;
      expect(identifiers.length).toEqual(1);
      expect(identifiers[0].value).toEqual('example.com');
      expect(identifiers.find((id: any) => id.value.startsWith('*.'))).toBeUndefined();
      return { status: 'pending', authorizations: [], finalize: '', certificate: '' };
    },
    getAuthorizations: async () => [],
    finalizeOrder: async () => {},
    getCertificate: async () => '-----BEGIN CERTIFICATE-----\ntest\n-----END CERTIFICATE-----',
  } as any;
  
  smartAcmeInstance.retry = async (fn: () => Promise<any>) => fn();
  
  // Mock certmanager methods
  smartAcmeInstance.certmanager.retrieveCertificate = async () => null;
  smartAcmeInstance.certmanager.storeCertificate = async (cert: any) => cert;
  
  // Request certificate without wildcard
  const cert = await smartAcmeInstance.getCertificateForDomain('example.com');
  expect(cert).toBeDefined();
});

tap.test('should only include wildcard when explicitly requested with DNS-01', async () => {
  const dnsHandler = {
    getSupportedTypes: () => ['dns-01'],
    prepare: async () => {},
    cleanup: async () => {},
    checkWetherDomainIsSupported: async () => true,
  };
  
  const smartAcmeInstance = new SmartAcme({
    accountEmail: 'test@example.com',
    certManager: new certmanagers.MemoryCertManager(),
    environment: 'integration',
    retryOptions: {},
    challengeHandlers: [dnsHandler],
    challengePriority: ['dns-01'],
  });
  
  // Stub the start method to avoid actual ACME connections
  smartAcmeInstance.start = async () => {
    smartAcmeInstance.certmatcher = {
      getCertificateDomainNameByDomainName: (domain: string) => domain.replace('*.', '')
    } as any;
    smartAcmeInstance.interestMap = {
      checkInterest: async () => false,
      addInterest: async () => ({ interestFullfilled: new Promise(() => {}) } as any)
    } as any;
    await smartAcmeInstance.certmanager.init();
  };
  await smartAcmeInstance.start();
  
  // Stub the core certificate methods
  smartAcmeInstance.client = {
    createOrder: async (orderPayload: any) => {
      const identifiers = orderPayload.identifiers;
      expect(identifiers.length).toEqual(2);
      expect(identifiers[0].value).toEqual('example.com');
      expect(identifiers[1].value).toEqual('*.example.com');
      return { status: 'pending', authorizations: [], finalize: '', certificate: '' };
    },
    getAuthorizations: async () => [],
    finalizeOrder: async () => {},
    getCertificate: async () => '-----BEGIN CERTIFICATE-----\ntest\n-----END CERTIFICATE-----',
  } as any;
  
  smartAcmeInstance.retry = async (fn: () => Promise<any>) => fn();
  
  // Mock certmanager methods
  smartAcmeInstance.certmanager.retrieveCertificate = async () => null;
  smartAcmeInstance.certmanager.storeCertificate = async (cert: any) => cert;
  
  // Request certificate with wildcard
  const cert = await smartAcmeInstance.getCertificateForDomain('example.com', { includeWildcard: true });
  expect(cert).toBeDefined();
});

tap.test('should skip wildcard if requested but no DNS-01 handler available', async () => {
  const httpHandler = new Http01MemoryHandler();
  httpHandler.checkWetherDomainIsSupported = async () => true;
  
  const smartAcmeInstance = new SmartAcme({
    accountEmail: 'test@example.com',
    certManager: new certmanagers.MemoryCertManager(),
    environment: 'integration',
    retryOptions: {},
    challengeHandlers: [httpHandler],
    challengePriority: ['http-01'],
  });
  
  // Stub the start method to avoid actual ACME connections
  smartAcmeInstance.start = async () => {
    smartAcmeInstance.certmatcher = {
      getCertificateDomainNameByDomainName: (domain: string) => domain.replace('*.', '')
    } as any;
    smartAcmeInstance.interestMap = {
      checkInterest: async () => false,
      addInterest: async () => ({ interestFullfilled: new Promise(() => {}) } as any)
    } as any;
    await smartAcmeInstance.certmanager.init();
  };
  await smartAcmeInstance.start();
  
  // Mock logger to capture warning
  const logSpy = { called: false, message: '' };
  smartAcmeInstance.logger.log = async (level: string, message: string) => {
    if (level === 'warn') {
      logSpy.called = true;
      logSpy.message = message;
    }
  };
  
  // Stub the core certificate methods
  smartAcmeInstance.client = {
    createOrder: async (orderPayload: any) => {
      const identifiers = orderPayload.identifiers;
      // Should only have regular domain, no wildcard
      expect(identifiers.length).toEqual(1);
      expect(identifiers[0].value).toEqual('example.com');
      return { status: 'pending', authorizations: [], finalize: '', certificate: '' };
    },
    getAuthorizations: async () => [],
    finalizeOrder: async () => {},
    getCertificate: async () => '-----BEGIN CERTIFICATE-----\ntest\n-----END CERTIFICATE-----',
  } as any;
  
  smartAcmeInstance.retry = async (fn: () => Promise<any>) => fn();
  
  // Mock certmanager methods
  smartAcmeInstance.certmanager.retrieveCertificate = async () => null;
  smartAcmeInstance.certmanager.storeCertificate = async (cert: any) => cert;
  
  // Request certificate with wildcard (should be skipped)
  const cert = await smartAcmeInstance.getCertificateForDomain('example.com', { includeWildcard: true });
  
  expect(cert).toBeDefined();
  expect(logSpy.called).toBeTrue();
  expect(logSpy.message).toContain('Wildcard certificate requested but no DNS-01 handler available');
});

export default tap.start();