package auth

import (
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/stretchr/testify/assert"
)

func TestAuthorizationMiddleware(t *testing.T) {
	t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
		handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			w.WriteHeader(http.StatusOK)
		})

		middleware := AuthenticationMiddleware{
			Secret: "foo",
		}

		middlewareHandler := middleware.Middleware(handler)

		request, _ := http.NewRequest("GET", "/", nil)
		responseRecorder := httptest.NewRecorder()

		middlewareHandler.ServeHTTP(responseRecorder, request)

		assert.Equal(t, responseRecorder.Code, 403)
	})

	t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) {
		handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			w.WriteHeader(http.StatusOK)
		})

		middleware := AuthenticationMiddleware{
			Secret: "foo",
		}

		middlewareHandler := middleware.Middleware(handler)

		request, _ := http.NewRequest("GET", "/", nil)
		request.Header.Set("Authorization", "foo")
		responseRecorder := httptest.NewRecorder()

		middlewareHandler.ServeHTTP(responseRecorder, request)

		assert.Equal(t, responseRecorder.Code, 200)
	})
}