package jws

import (
	"testing"
	"time"

	appcrypto "netisjwt/internal/crypto"
	"netisjwt/internal/statuslist"
)

func TestCreateAndVerifyToken(t *testing.T) {
	privatePEM, err := appcrypto.UstvariZasebniKljucECDSAP256PEM()
	if err != nil {
		t.Fatalf("key gen: %v", err)
	}

	list := statuslist.New()
	list.Dodaj(true)
	claims, err := SestaviTrditve("http://localhost/api/status/abc", list, 0, time.Now())
	if err != nil {
		t.Fatalf("build claims: %v", err)
	}

	token, err := UstvariZetonIzPEM(privatePEM, claims)
	if err != nil {
		t.Fatalf("create token: %v", err)
	}

	got, err := PreveriZeton(token)
	if err != nil {
		t.Fatalf("verify token: %v", err)
	}
	if got.Status.Index != 0 {
		t.Fatalf("expected index 0, got %d", got.Status.Index)
	}
}

func TestValidateClaimsExpired(t *testing.T) {
	claims := Claims{
		Issuer:    "http://localhost",
		IssuedAt:  time.Now().Add(-2 * time.Hour).Unix(),
		ExpiresAt: time.Now().Add(-1 * time.Hour).Unix(),
	}
	err := PreveriTrditve(claims, "http://localhost", time.Now())
	if err == nil {
		t.Fatalf("expected expiration error")
	}
}