# frozen_string_literal: true

RSpec.describe Fiken::OAuth do
  subject(:oauth) do
    described_class.new(client_id: "id", client_secret: "secret", redirect_uri: "https://app/cb")
  end

  describe "#authorize_url" do
    it "builds the authorize URL with the expected query params" do
      url = oauth.authorize_url(state: "xyz")
      query = URI.decode_www_form(URI(url).query).to_h

      expect(url).to start_with("https://fiken.no/oauth/authorize?")
      expect(query).to include(
        "response_type" => "code",
        "client_id" => "id",
        "redirect_uri" => "https://app/cb",
        "state" => "xyz"
      )
    end
  end

  describe "#exchange_code" do
    it "POSTs the code with Basic auth and returns the token" do
      stub_request(:post, "https://fiken.no/oauth/token")
        .with(
          body: hash_including("grant_type" => "authorization_code", "code" => "the-code"),
          headers: { "Authorization" => "Basic #{Base64.strict_encode64('id:secret')}" }
        )
        .to_return(
          status: 200,
          body: JSON.generate("access_token" => "AT", "refresh_token" => "RT", "expires_in" => 3600),
          headers: { "Content-Type" => "application/json" }
        )

      token = oauth.exchange_code("the-code")

      expect(token.access_token).to eq("AT")
      expect(token.refresh_token).to eq("RT")
    end
  end

  describe "#refresh" do
    it "POSTs the refresh grant" do
      stub_request(:post, "https://fiken.no/oauth/token")
        .with(body: hash_including("grant_type" => "refresh_token", "refresh_token" => "RT"))
        .to_return(
          status: 200,
          body: JSON.generate("access_token" => "AT2"),
          headers: { "Content-Type" => "application/json" }
        )

      expect(oauth.refresh("RT").access_token).to eq("AT2")
    end
  end
end