from datetime import datetime, timezone

import pytest

from fooder.controller.token import TokenController
from fooder.exc import Unauthorized
from fooder.utils.jwt import AccessToken, RefreshToken

NOW = datetime.now(timezone.utc)


def test_token_ctrl_generates_token(ctx):
    token_ctrl = TokenController(ctx, 1)
    token_ctrl.generate_token_pair(ctx.clock())


class TestFromRefreshToken:
    def test_returns_controller_with_correct_entity_id(self, ctx):
        token = RefreshToken(exp=RefreshToken.calculate_exp(NOW), sub=42)
        ctrl = TokenController.from_refresh_token(ctx, token.encode())
        assert ctrl.entity_id == 42

    def test_invalid_string_raises(self, ctx):
        with pytest.raises(Unauthorized):
            TokenController.from_refresh_token(ctx, "bad-token")

    def test_access_token_raises(self, ctx):
        token = AccessToken(exp=AccessToken.calculate_exp(NOW), sub=1)
        with pytest.raises(Unauthorized):
            TokenController.from_refresh_token(ctx, token.encode())


class TestFromAccessToken:
    def test_returns_controller_with_correct_entity_id(self, ctx):
        token = AccessToken(exp=AccessToken.calculate_exp(NOW), sub=7)
        ctrl = TokenController.from_access_token(ctx, token.encode())
        assert ctrl.entity_id == 7

    def test_invalid_string_raises(self, ctx):
        with pytest.raises(Unauthorized):
            TokenController.from_access_token(ctx, "bad-token")

    def test_refresh_token_raises(self, ctx):
        token = RefreshToken(exp=RefreshToken.calculate_exp(NOW), sub=1)
        with pytest.raises(Unauthorized):
            TokenController.from_access_token(ctx, token.encode())