# -*- coding: utf-8 -*-
from urllib.parse import urlparse, parse_qs

import requests
from httpretty import HTTPretty

from .base import BaseBackendTest
from ...exceptions import AuthException


class DiscourseTest(BaseBackendTest):
    backend_path = 'social_core.backends.discourse.DiscourseAuth'
    expected_username = 'beepboop'
    raw_complete_url = '/complete/{0}/'

    def post_start(self):
        pass

    def do_start(self):
        self.post_start()
        start = self.backend.start()
        start_url = start.url
        return_url = self.backend.redirect_uri
        # NOTE: This is how we generated sso:
        # sso = b64encode(urlencode({
        #     'email': 'user@example.com',
        #     'username': 'beepboop',
        #     'nonce': '6YRje7xlXhpyeJ6qtvBeTUjHkXo1UCTQmCrzN8GXfja3AoAFk2' + \
        #              'CieDRYgSqMYi4W',
        #     'return_sso_url': 'http://myapp.com'
        # }))
        sso = 'dXNlcm5hbWU9YmVlcGJvb3Ambm9uY2U9NllSamU3eGxYaHB5ZUo2cXR2QmV' + \
              'UVWpIa1hvMVVDVFFtQ3J6TjhHWGZqYTNBb0FGazJDaWVEUllnU3FNWWk0Vy' + \
              'ZlbWFpbD11c2VyJTQwZXhhbXBsZS5jb20mcmV0dXJuX3Nzb191cmw9aHR0c' + \
              'CUzQSUyRiUyRm15YXBwLmNvbQ=='
        # NOTE: the signature was verified using the 'foo' key, like so:
        # hmac.new('foo', sso, sha256).hexdigest()
        sig = '04063f17c99a97b1a765c1e0d7bbb61afb8471d79a39ddcd6af5ba3c93eb10e1'
        response_query_params = 'sso={0}&sig={1}'.format(sso, sig)

        response_url = '{0}?{1}'.format(return_url, response_query_params)
        HTTPretty.register_uri(
            HTTPretty.GET, start_url, status=301, location=response_url
        )
        HTTPretty.register_uri(
            HTTPretty.GET,
            return_url,
            status=200,
            content_type='text/html',
        )

        response = requests.get(start_url)
        query_values = dict(
            (k, v[0]) for k, v in parse_qs(urlparse(response.url).query).items()
        )
        self.strategy.set_request_data(query_values, self.backend)

        return self.backend.complete()

    def test_login(self):
        """
        Test that we can authenticate with the Discourse IdP
        """
        # pretend we've started with a URL like /login/discourse:
        self.strategy.set_settings(
            {'SERVER_URL': 'http://example.com', 'SECRET': 'foo'}
        )
        self.do_login()

    def test_failed_login(self):
        """
        Test that authentication fails when our request is signed with a
        different secret than our payload
        """
        self.strategy.set_settings(
            {'SERVER_URL': 'http://example.com', 'SECRET': 'bar'}
        )
        with self.assertRaises(AuthException):
            self.do_login()