"""Tests for security and authentication."""

from unittest import mock
import pytest
from fastapi.testclient import TestClient

from app.core.security import verify_api_key
from app.core.exceptions import AuthenticationError


class TestAPIKeySecurity:
    """Test API key security functions."""

    def test_verify_api_key_valid(self, api_key):
        """Test verifying a valid API key."""
        assert verify_api_key(api_key) is True

    def test_verify_api_key_invalid(self, invalid_api_key):
        """Test verifying an invalid API key."""
        with pytest.raises(AuthenticationError):
            verify_api_key(invalid_api_key)

    def test_verify_api_key_empty(self):
        """Test verifying empty API key."""
        with pytest.raises(AuthenticationError):
            verify_api_key("")


class TestAPIKeyMiddleware:
    """Test API key middleware functionality."""

    def test_middleware_allows_health_endpoint(self, client):
        """Test that middleware allows access to health endpoint without API key."""
        response = client.get("/health")
        assert response.status_code == 200

    def test_middleware_allows_docs_endpoint(self, client):
        """Test that middleware allows access to docs endpoint without API key."""
        response = client.get("/docs")
        assert response.status_code == 200

    def test_middleware_allows_root_endpoint(self, client):
        """Test that middleware allows access to root endpoint without API key."""
        response = client.get("/")
        assert response.status_code == 200

    def test_middleware_blocks_api_without_key(self, client):
        """Test that middleware blocks API access without API key."""
        response = client.post(
            "/api/v1/subtitles/extract",
            json={"url": "https://www.youtube.com/watch?v=dQw4w9WgXcQ", "lang": "en"}
        )
        assert response.status_code == 401
        data = response.json()
        assert data["status"] == "error"
        assert "Missing API key" in data["message"]

    def test_middleware_blocks_api_with_invalid_key(self, client, invalid_api_key):
        """Test that middleware blocks API access with invalid API key."""
        response = client.post(
            "/api/v1/subtitles/extract",
            json={"url": "https://www.youtube.com/watch?v=dQw4w9WgXcQ", "lang": "en"},
            headers={"x-api-key": invalid_api_key}
        )
        assert response.status_code == 401
        data = response.json()
        assert data["status"] == "error"
        assert "Invalid API key" in data["message"]

    def test_middleware_allows_api_with_valid_key(self, client, api_key):
        """Test that middleware allows API access with valid API key."""
        with mock.patch('app.apis.subtitles.service.subtitle_service.extract_subtitles') as mock_extract:
            mock_extract.return_value = ("dQw4w9WgXcQ", ["Test subtitle"])

            response = client.post(
                "/api/v1/subtitles/extract",
                json={"url": "https://www.youtube.com/watch?v=dQw4w9WgXcQ", "lang": "en"},
                headers={"x-api-key": api_key}
            )
            assert response.status_code == 200