using Microsoft.Extensions.Options;
using ZB.MOM.WW.MxGateway.Server.Configuration;

namespace ZB.MOM.WW.MxGateway.Tests.Configuration;

public sealed class GatewayOptionsValidatorTests
{
    // Constructs the minimal valid GatewayOptions by relying on each sub-option's
    // design-default values; those defaults are validated separately in GatewayOptionsTests.
    private static GatewayOptions ValidOptions() => new();

    private static GatewayOptions CloneWithTls(GatewayOptions source, TlsOptions tls)
        => new()
        {
            Authentication = source.Authentication,
            Ldap = source.Ldap,
            Worker = source.Worker,
            Sessions = source.Sessions,
            Events = source.Events,
            Dashboard = source.Dashboard,
            Protocol = source.Protocol,
            Alarms = source.Alarms,
            Tls = tls,
        };

    [Fact]
    public void Validate_Succeeds_WithDefaultTlsOptions()
    {
        ValidateOptionsResult result = new GatewayOptionsValidator().Validate(null, ValidOptions());
        Assert.True(result.Succeeded);
    }

    [Fact]
    public void Validate_Fails_WhenTlsValidityYearsOutOfRange()
    {
        GatewayOptions withBadTls = CloneWithTls(ValidOptions(), new TlsOptions { ValidityYears = 0 });
        ValidateOptionsResult result = new GatewayOptionsValidator().Validate(null, withBadTls);
        Assert.True(result.Failed);
        Assert.Contains(result.Failures!, f => f.Contains("MxGateway:Tls:ValidityYears"));
    }

    [Fact]
    public void Validate_Fails_WhenTlsValidityYearsTooLarge()
    {
        GatewayOptions withBadTls = CloneWithTls(ValidOptions(), new TlsOptions { ValidityYears = 101 });
        ValidateOptionsResult result = new GatewayOptionsValidator().Validate(null, withBadTls);
        Assert.True(result.Failed);
        Assert.Contains(result.Failures!, f => f.Contains("MxGateway:Tls:ValidityYears"));
    }

    [Fact]
    public void Validate_Fails_WhenAdditionalDnsNameBlank()
    {
        GatewayOptions options = CloneWithTls(ValidOptions(), new TlsOptions { AdditionalDnsNames = [" "] });
        ValidateOptionsResult result = new GatewayOptionsValidator().Validate(null, options);
        Assert.True(result.Failed);
        Assert.Contains(result.Failures!, f => f.Contains("MxGateway:Tls:AdditionalDnsNames"));
    }

    [Fact]
    public void Validate_Fails_WhenSelfSignedCertPathBlank()
    {
        GatewayOptions options = CloneWithTls(ValidOptions(), new TlsOptions { SelfSignedCertPath = "  " });
        ValidateOptionsResult result = new GatewayOptionsValidator().Validate(null, options);
        Assert.True(result.Failed);
        Assert.Contains(result.Failures!, f => f.Contains("MxGateway:Tls:SelfSignedCertPath must not be blank."));
    }
}