using Microsoft.Extensions.Logging;
using Shouldly;
using Xunit;

namespace ZB.MOM.WW.OtOpcUa.Driver.Galaxy.Tests;

/// <summary>
///     Follow-up #2 — pins the three resolution forms supported by
///     <see cref="GalaxyDriver.ResolveApiKey"/>: <c>env:NAME</c>, <c>file:PATH</c>,
///     and the literal-string fallback. A future DPAPI arm slots in here without
///     touching the call site.
/// </summary>
public sealed class GalaxyDriverApiKeyResolverTests
{
    /// <summary>Verifies that a literal string is returned unchanged.</summary>
    [Fact]
    public void Literal_string_is_returned_unchanged()
    {
        GalaxyDriver.ResolveApiKey("plain-text-key").ShouldBe("plain-text-key");
    }

    /// <summary>Verifies that env: prefix resolves to an environment variable.</summary>
    [Fact]
    public void Env_prefix_resolves_to_environment_variable()
    {
        const string name = "OTOPCUA_TEST_GALAXY_API_KEY";
        Environment.SetEnvironmentVariable(name, "key-from-env");
        try
        {
            GalaxyDriver.ResolveApiKey($"env:{name}").ShouldBe("key-from-env");
        }
        finally
        {
            Environment.SetEnvironmentVariable(name, null);
        }
    }

    /// <summary>Verifies that unset environment variables throw with a descriptive message.</summary>
    [Fact]
    public void Env_prefix_unset_variable_throws_with_descriptive_message()
    {
        const string name = "OTOPCUA_TEST_GALAXY_API_KEY_UNSET";
        Environment.SetEnvironmentVariable(name, null);

        var ex = Should.Throw<InvalidOperationException>(() =>
            GalaxyDriver.ResolveApiKey($"env:{name}"));
        ex.Message.ShouldContain(name);
        ex.Message.ShouldContain("unset");
    }

    /// <summary>Verifies that file: prefix resolves to trimmed file contents.</summary>
    [Fact]
    public void File_prefix_resolves_to_trimmed_file_contents()
    {
        var path = Path.Combine(Path.GetTempPath(), $"galaxy-key-{Guid.NewGuid():N}.txt");
        File.WriteAllText(path, "  key-from-file  \n");
        try
        {
            GalaxyDriver.ResolveApiKey($"file:{path}").ShouldBe("key-from-file");
        }
        finally
        {
            File.Delete(path);
        }
    }

    /// <summary>Verifies that file: prefix with missing path throws.</summary>
    [Fact]
    public void File_prefix_missing_path_throws()
    {
        var path = Path.Combine(Path.GetTempPath(), $"does-not-exist-{Guid.NewGuid():N}.txt");
        var ex = Should.Throw<InvalidOperationException>(() =>
            GalaxyDriver.ResolveApiKey($"file:{path}"));
        ex.Message.ShouldContain(path);
        ex.Message.ShouldContain("doesn't exist");
    }

    // ===== Driver.Galaxy-010 regression: literal arm warns + dev: prefix path =====

    /// <summary>Verifies that literal strings emit a warning when a logger is supplied.</summary>
    [Fact]
    public void Literal_string_emits_warning_when_logger_supplied()
    {
        // A literal API key on a production deployment means the cleartext key sits
        // in the DriverConfig JSON. The resolver must surface a warning so an
        // operator who committed one by accident sees it at startup.
        var logger = new CaptureLogger();
        var key = GalaxyDriver.ResolveApiKey("plain-text-key", logger);

        key.ShouldBe("plain-text-key");
        logger.Entries.ShouldContain(e =>
            e.Level == LogLevel.Warning && e.Message.Contains("literal", StringComparison.OrdinalIgnoreCase));
    }

    /// <summary>Verifies that dev: prefix returns literal text without emitting warnings.</summary>
    [Fact]
    public void Dev_prefix_returns_literal_without_warning()
    {
        // An explicit dev: prefix signals the operator knowingly opted into a literal
        // key (dev / parity rig). The resolver must accept it AND suppress the
        // warning so production logs aren't polluted on a deliberate dev choice.
        var logger = new CaptureLogger();
        var key = GalaxyDriver.ResolveApiKey("dev:plain-text-key", logger);

        key.ShouldBe("plain-text-key");
        logger.Entries.ShouldNotContain(e => e.Level == LogLevel.Warning);
    }

    /// <summary>Verifies that env: prefix does not emit literal string warnings.</summary>
    [Fact]
    public void Env_prefix_does_not_emit_literal_warning()
    {
        const string name = "OTOPCUA_TEST_GALAXY_API_KEY_NOWARN";
        Environment.SetEnvironmentVariable(name, "v");
        try
        {
            var logger = new CaptureLogger();
            GalaxyDriver.ResolveApiKey($"env:{name}", logger);
            logger.Entries.ShouldNotContain(e => e.Level == LogLevel.Warning);
        }
        finally
        {
            Environment.SetEnvironmentVariable(name, null);
        }
    }

    /// <summary>A test logger that captures log entries for verification.</summary>
    private sealed class CaptureLogger : ILogger
    {
        /// <summary>Gets the list of captured log entries with their levels and messages.</summary>
        public List<(LogLevel Level, string Message)> Entries { get; } = new();

        /// <inheritdoc />
        public IDisposable? BeginScope<TState>(TState state) where TState : notnull => null;

        /// <inheritdoc />
        public bool IsEnabled(LogLevel logLevel) => true;

        /// <inheritdoc />
        public void Log<TState>(LogLevel logLevel, EventId eventId, TState state, Exception? exception, Func<TState, Exception?, string> formatter)
            => Entries.Add((logLevel, formatter(state, exception)));
    }

    /// <summary>Verifies that file: prefix with empty file throws.</summary>
    [Fact]
    public void File_prefix_empty_file_throws()
    {
        var path = Path.Combine(Path.GetTempPath(), $"galaxy-key-empty-{Guid.NewGuid():N}.txt");
        File.WriteAllText(path, "   \n  ");
        try
        {
            var ex = Should.Throw<InvalidOperationException>(() =>
                GalaxyDriver.ResolveApiKey($"file:{path}"));
            ex.Message.ShouldContain("empty");
        }
        finally
        {
            File.Delete(path);
        }
    }
}