using MxGateway.Server.Security.Authentication;

namespace MxGateway.Tests.Security.Authentication;

public sealed class ApiKeyParserTests
{
    [Fact]
    public void TryParseAuthorizationHeader_ValidBearerToken_ReturnsKeyIdAndSecret()
    {
        ApiKeyParser parser = new();

        bool parsed = parser.TryParseAuthorizationHeader(
            "Bearer mxgw_operator01_secret_value",
            out ParsedApiKey? apiKey);

        Assert.True(parsed);
        Assert.NotNull(apiKey);
        Assert.Equal("operator01", apiKey.KeyId);
        Assert.Equal("secret_value", apiKey.Secret);
    }

    [Theory]
    [InlineData(null)]
    [InlineData("")]
    [InlineData("mxgw_operator01_secret")]
    [InlineData("Bearer not-a-gateway-key")]
    [InlineData("Bearer mxgw__secret")]
    [InlineData("Bearer mxgw_operator01_")]
    public void TryParseAuthorizationHeader_MalformedToken_ReturnsFalse(string? authorizationHeader)
    {
        ApiKeyParser parser = new();

        bool parsed = parser.TryParseAuthorizationHeader(authorizationHeader, out ParsedApiKey? apiKey);

        Assert.False(parsed);
        Assert.Null(apiKey);
    }
}