package checker

import (
	"context"
	"net/http"
	"net/http/httptest"
	"testing"

	sdk "git.happydns.org/checker-sdk-go/checker"
)

func TestMalwareBazaarSource_NoResults(t *testing.T) {
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		_, _ = w.Write([]byte(`{"query_status":"no_results"}`))
	}))
	defer srv.Close()

	s := &malwareBazaarSource{endpoint: srv.URL}
	results := s.Query(context.Background(), "example.com", "example.com", sdk.CheckerOptions{"enable_malwarebazaar": true, "malwarebazaar_auth_key": "k"})
	if len(results) != 1 {
		t.Fatalf("expected 1 result, got %d", len(results))
	}
	r := results[0]
	listed, _ := s.Evaluate(r)
	if !r.Enabled || listed || r.Error != "" {
		t.Fatalf("expected enabled+clean, got %+v, Evaluate listed=%v", r, listed)
	}
}

func TestMalwareBazaarSource_Listed(t *testing.T) {
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Header.Get("Auth-Key") == "" {
			t.Errorf("missing Auth-Key header")
		}
		w.Header().Set("Content-Type", "application/json")
		_, _ = w.Write([]byte(`{
			"query_status": "ok",
			"data": [{
				"sha256_hash": "aaaa1111bbbb2222cccc3333dddd4444eeee5555ffff6666aaaa1111bbbb2222",
				"file_name": "evil.exe",
				"file_type_mime": "application/x-dosexec",
				"signature": "Emotet",
				"first_seen": "2024-01-01 00:00:00"
			}]
		}`))
	}))
	defer srv.Close()

	s := &malwareBazaarSource{endpoint: srv.URL}
	r := s.Query(context.Background(), "example.com", "example.com", sdk.CheckerOptions{"enable_malwarebazaar": true, "malwarebazaar_auth_key": "k"})[0]
	if len(r.Evidence) != 1 {
		t.Fatalf("expected 1 evidence item, got %+v", r)
	}
	if listed, severity := s.Evaluate(r); !listed || severity != SeverityWarn {
		t.Errorf("expected Evaluate()=(true, warn), got (%v, %q)", listed, severity)
	}
	if r.Evidence[0].Status != "application/x-dosexec" {
		t.Errorf("evidence status = %q", r.Evidence[0].Status)
	}
	if len(r.Reasons) != 1 || r.Reasons[0] != "Emotet" {
		t.Errorf("reasons = %v", r.Reasons)
	}
}

func TestMalwareBazaarSource_HTTPError(t *testing.T) {
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusUnauthorized)
		_, _ = w.Write([]byte("unauthorized"))
	}))
	defer srv.Close()

	s := &malwareBazaarSource{endpoint: srv.URL}
	r := s.Query(context.Background(), "example.com", "example.com", sdk.CheckerOptions{"enable_malwarebazaar": true, "malwarebazaar_auth_key": "k"})[0]
	if r.Error == "" {
		t.Errorf("expected error, got %+v", r)
	}
}

func TestMalwareBazaarSource_Disabled(t *testing.T) {
	s := &malwareBazaarSource{endpoint: "http://nope"}
	r := s.Query(context.Background(), "example.com", "example.com", sdk.CheckerOptions{"enable_malwarebazaar": false})[0]
	if r.Enabled {
		t.Errorf("expected disabled, got %+v", r)
	}
}

func TestMalwareBazaarSource_NoAuthKey(t *testing.T) {
	s := &malwareBazaarSource{endpoint: "http://nope"}
	r := s.Query(context.Background(), "example.com", "example.com", sdk.CheckerOptions{"enable_malwarebazaar": true})[0]
	if r.Enabled {
		t.Errorf("expected disabled when no auth key, got %+v", r)
	}
}