using System.Security.Claims;
using System.Text.Encodings.Web;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using ZB.MOM.WW.OtOpcUa.Admin.Services;

namespace ZB.MOM.WW.OtOpcUa.Admin.E2ETests;

/// <summary>
///     Stamps every request with a FleetAdmin principal so E2E tests can hit
///     authenticated Razor pages without the LDAP login flow. Registered as the
///     default authentication scheme by <see cref="AdminWebAppFactory"/>.
/// </summary>
public sealed class TestAuthHandler(
    IOptionsMonitor<AuthenticationSchemeOptions> options,
    ILoggerFactory logger,
    UrlEncoder encoder)
    : AuthenticationHandler<AuthenticationSchemeOptions>(options, logger, encoder)
{
    public const string SchemeName = "Test";

    protected override Task<AuthenticateResult> HandleAuthenticateAsync()
    {
        var claims = new[]
        {
            new Claim(ClaimTypes.Name, "e2e-test-user"),
            new Claim(ClaimTypes.Role, AdminRoles.FleetAdmin),
        };
        var identity = new ClaimsIdentity(claims, SchemeName);
        var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), SchemeName);
        return Task.FromResult(AuthenticateResult.Success(ticket));
    }
}