using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using MxGateway.Server;
using MxGateway.Server.Dashboard;

namespace MxGateway.Tests.Gateway.Dashboard;

public sealed class DashboardCookieOptionsTests
{
    [Fact]
    public void Build_ConfiguresSecureDashboardCookie()
    {
        WebApplication app = GatewayApplication.Build([]);
        IOptionsMonitor<CookieAuthenticationOptions> optionsMonitor = app.Services
            .GetRequiredService<IOptionsMonitor<CookieAuthenticationOptions>>();

        CookieAuthenticationOptions options = optionsMonitor.Get(
            DashboardAuthenticationDefaults.AuthenticationScheme);

        Assert.Equal(DashboardAuthenticationDefaults.CookieName, options.Cookie.Name);
        Assert.True(options.Cookie.HttpOnly);
        Assert.Equal(CookieSecurePolicy.Always, options.Cookie.SecurePolicy);
        Assert.Equal(SameSiteMode.Strict, options.Cookie.SameSite);
        Assert.Equal("/", options.Cookie.Path);
        Assert.Equal("/dashboard/login", options.LoginPath);
        Assert.Equal("/dashboard/logout", options.LogoutPath);
        Assert.Equal("/dashboard/denied", options.AccessDeniedPath);
    }
}