require 'rails_helper'

RSpec.describe "OpenPGP Web Key Directory", type: :request do
  describe "policy" do
    it "returns an empty 200 response" do
      get "/.well-known/openpgpkey/policy"
      expect(response).to have_http_status(:ok)
      expect(response.body).to be_empty
    end
  end

  describe "omitted 'l' param" do
    it "returns a 400 status" do
      get "/.well-known/openpgpkey/hu/fmb8gw3n4zdj4xpwaziki4mwcxr1368i"
      expect(response).to have_http_status(:bad_request)
    end
  end

  describe "non-existent user" do
    it "returns a 404 status" do
      get "/.well-known/openpgpkey/hu/fmb8gw3n4zdj4xpwaziki4mwcxr1368i?l=aristotle"
      expect(response).to have_http_status(:not_found)
    end
  end

  describe "user without pubkey" do
    let(:user) { create :user, cn: 'bernd', ou: 'kosmos.org' }

    it "returns a 404 status" do
      get "/.well-known/openpgpkey/hu/kp95h369c89sx8ia1hn447i868nqyz4t?l=bernd"
      expect(response).to have_http_status(:not_found)
    end
  end

  describe "user with pubkey" do
    let(:alice) { create :user, id: 2, cn: "alice", email: "alice@example.com" }
    let(:jimmy) { create :user, id: 3, cn: "jimmy", email: "jimmy@example.com" }
    let(:valid_key_alice) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_alice.asc") }
    let(:valid_key_jimmy) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_jimmy.asc") }
    let(:fingerprint_alice) { "EB85BB5FA33A75E15E944E63F231550C4F47E38E" }
    let(:fingerprint_jimmy) { "316BF516236DAF77236B15F6057D93972FB862C3" }
    let(:invalid_key) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_invalid.asc") }

    before do
      GPGME::Key.import(valid_key_alice)
      GPGME::Key.import(valid_key_jimmy)
      alice.update pgp_fpr: fingerprint_alice
      jimmy.update pgp_fpr: fingerprint_jimmy
    end

    after do
      alice.gnupg_key.delete!
      jimmy.gnupg_key.delete!
    end

    describe "pubkey does not contain user address" do
      before do
        allow_any_instance_of(User).to receive(:ldap_entry)
          .and_return({ pgp_key: valid_key_alice })
      end

      it "returns a 404 status" do
        get "/.well-known/openpgpkey/hu/kei1q4tipxxu1yj79k9kfukdhfy631xe?l=alice"
        expect(response).to have_http_status(:not_found)
      end
    end

    describe "pubkey contains user address" do
      before do
        allow_any_instance_of(User).to receive(:ldap_entry)
          .and_return({ pgp_key: valid_key_jimmy })
      end

      it "returns the pubkey in binary format" do
        get "/.well-known/openpgpkey/hu/yuca4ky39mhwkjo78qb8zjgbfj1hg3yf?l=jimmy"
        expect(response).to have_http_status(:ok)
        expect(response.headers['Content-Type']).to eq("application/octet-stream")
        expected_binary_data = File.binread("#{Rails.root}/spec/fixtures/files/pgp_key_valid_jimmy.pem")
        expect(response.body).to eq(expected_binary_data)
      end

      context "with wrong capitalization of username" do
        it "returns the pubkey as ASCII Armor plain text" do
          get "/.well-known/openpgpkey/hu/yuca4ky39mhwkjo78qb8zjgbfj1hg3yf?l=JimmY"
          expect(response).to have_http_status(:ok)
          expected_binary_data = File.binread("#{Rails.root}/spec/fixtures/files/pgp_key_valid_jimmy.pem")
          expect(response.body).to eq(expected_binary_data)
        end
      end

      context "with .txt extension" do
        it "returns the pubkey as ASCII Armor plain text" do
          get "/.well-known/openpgpkey/hu/yuca4ky39mhwkjo78qb8zjgbfj1hg3yf.txt?l=jimmy"
          expect(response).to have_http_status(:ok)
          expect(response.body).to eq(valid_key_jimmy)
          expect(response.headers['Content-Type']).to eq("text/plain")
        end
      end

      context "invalid URL" do
        it "returns a 422 status" do
          get "/.well-known/openpgpkey/hu/123456abcdef?l=alice"
          expect(response).to have_http_status(:not_found)
        end
      end
    end
  end
end