import { tap, expect } from '@git.zone/tstest/tapbundle';
import { VpnConfig } from '../ts/index.js';
import type { IVpnClientConfig, IVpnServerConfig } from '../ts/index.js';

tap.test('VpnConfig: validate valid client config', async () => {
  const config: IVpnClientConfig = {
    serverUrl: 'wss://vpn.example.com/tunnel',
    serverPublicKey: 'dGVzdHB1YmxpY2tleQ==',
    dns: ['1.1.1.1', '8.8.8.8'],
    mtu: 1420,
    keepaliveIntervalSecs: 30,
  };
  // Should not throw
  VpnConfig.validateClientConfig(config);
});

tap.test('VpnConfig: reject client config without serverUrl', async () => {
  const config = {
    serverPublicKey: 'dGVzdHB1YmxpY2tleQ==',
  } as IVpnClientConfig;
  let threw = false;
  try {
    VpnConfig.validateClientConfig(config);
  } catch (e) {
    threw = true;
    expect((e as Error).message).toContain('serverUrl');
  }
  expect(threw).toBeTrue();
});

tap.test('VpnConfig: reject client config with invalid serverUrl scheme', async () => {
  const config: IVpnClientConfig = {
    serverUrl: 'http://vpn.example.com/tunnel',
    serverPublicKey: 'dGVzdHB1YmxpY2tleQ==',
  };
  let threw = false;
  try {
    VpnConfig.validateClientConfig(config);
  } catch (e) {
    threw = true;
    expect((e as Error).message).toContain('wss://');
  }
  expect(threw).toBeTrue();
});

tap.test('VpnConfig: reject client config with invalid MTU', async () => {
  const config: IVpnClientConfig = {
    serverUrl: 'wss://vpn.example.com/tunnel',
    serverPublicKey: 'dGVzdHB1YmxpY2tleQ==',
    mtu: 100,
  };
  let threw = false;
  try {
    VpnConfig.validateClientConfig(config);
  } catch (e) {
    threw = true;
    expect((e as Error).message).toContain('mtu');
  }
  expect(threw).toBeTrue();
});

tap.test('VpnConfig: reject client config with invalid DNS', async () => {
  const config: IVpnClientConfig = {
    serverUrl: 'wss://vpn.example.com/tunnel',
    serverPublicKey: 'dGVzdHB1YmxpY2tleQ==',
    dns: ['not-an-ip'],
  };
  let threw = false;
  try {
    VpnConfig.validateClientConfig(config);
  } catch (e) {
    threw = true;
    expect((e as Error).message).toContain('DNS');
  }
  expect(threw).toBeTrue();
});

tap.test('VpnConfig: validate valid server config', async () => {
  const config: IVpnServerConfig = {
    listenAddr: '0.0.0.0:443',
    privateKey: 'dGVzdHByaXZhdGVrZXk=',
    publicKey: 'dGVzdHB1YmxpY2tleQ==',
    subnet: '10.8.0.0/24',
    dns: ['1.1.1.1'],
    mtu: 1420,
    enableNat: true,
  };
  // Should not throw
  VpnConfig.validateServerConfig(config);
});

tap.test('VpnConfig: reject server config with invalid subnet', async () => {
  const config: IVpnServerConfig = {
    listenAddr: '0.0.0.0:443',
    privateKey: 'dGVzdHByaXZhdGVrZXk=',
    publicKey: 'dGVzdHB1YmxpY2tleQ==',
    subnet: 'invalid',
  };
  let threw = false;
  try {
    VpnConfig.validateServerConfig(config);
  } catch (e) {
    threw = true;
    expect((e as Error).message).toContain('subnet');
  }
  expect(threw).toBeTrue();
});

tap.test('VpnConfig: reject server config without privateKey', async () => {
  const config = {
    listenAddr: '0.0.0.0:443',
    publicKey: 'dGVzdHB1YmxpY2tleQ==',
    subnet: '10.8.0.0/24',
  } as IVpnServerConfig;
  let threw = false;
  try {
    VpnConfig.validateServerConfig(config);
  } catch (e) {
    threw = true;
    expect((e as Error).message).toContain('privateKey');
  }
  expect(threw).toBeTrue();
});

export default tap.start();