import base64

import pytest

pytest.importorskip("jwt")
pytest.importorskip("cryptography")

from services.common.security import create_jwt, decrypt_aes_gcm, encrypt_aes_gcm, verify_jwt


def test_jwt_roundtrip() -> None:
    secret = 's3cr3t'
    token = create_jwt({'sub': 'alice'}, secret, expires_minutes=1)
    payload = verify_jwt(token, secret)
    assert payload['sub'] == 'alice'


def test_aes_roundtrip() -> None:
    key_b64 = base64.b64encode(bytes(range(32))).decode('utf-8')
    msg = b'hello'
    encrypted = encrypt_aes_gcm(msg, key_b64)
    assert decrypt_aes_gcm(encrypted, key_b64) == msg