import Foundation
import Testing
@testable import ManaCore

@Suite("JWT")
struct JWTTests {
    @Test("Liefert expiry aus gültigem JWT")
    func extractsExpiry() throws {
        // Header: {"alg":"HS256","typ":"JWT"}
        // Payload: {"sub":"u1","exp":2000000000}
        let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1MSIsImV4cCI6MjAwMDAwMDAwMH0.signature"
        let expiry = try #require(JWT.expiry(of: token))
        #expect(expiry == Date(timeIntervalSince1970: 2_000_000_000))
    }

    @Test("Nil für nicht-JWT-Strings")
    func nilForNonJWT() {
        #expect(JWT.expiry(of: "nonsense") == nil)
        #expect(JWT.expiry(of: "a.b") == nil)
        #expect(JWT.expiry(of: "a.b.c.d") == nil)
    }

    @Test("Nil wenn exp-Claim fehlt")
    func nilWhenExpMissing() {
        // Payload: {"sub":"u1"}
        let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1MSJ9.signature"
        #expect(JWT.expiry(of: token) == nil)
    }

    @Test("Toleriert Base64URL-Padding")
    func toleratesBase64URLPadding() throws {
        // Payload ohne Padding: {"exp":1700000000}
        let token = "eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MDAwMDAwMDB9.sig"
        let expiry = try #require(JWT.expiry(of: token))
        #expect(expiry == Date(timeIntervalSince1970: 1_700_000_000))
    }
}