using System.Net.Http.Headers;
using System.Text;

namespace SatelliteProvider.IntegrationTests;

public static class JwtTestHelpers
{
    public const string JwtSecretEnvVar = "JWT_SECRET";
    public const string DefaultSubject = "integration-tests";

    public static string ResolveSecretOrThrow()
    {
        var secret = Environment.GetEnvironmentVariable(JwtSecretEnvVar);
        if (string.IsNullOrWhiteSpace(secret))
        {
            throw new InvalidOperationException(
                $"{JwtSecretEnvVar} is not set in the integration test environment. " +
                "It must match the JWT_SECRET configured for the API container.");
        }

        var byteLength = Encoding.UTF8.GetByteCount(secret);
        if (byteLength < 32)
        {
            throw new InvalidOperationException(
                $"{JwtSecretEnvVar} is {byteLength} bytes; the test runner requires at least 32 bytes to match API validation.");
        }

        return secret;
    }

    public static void AttachDefaultAuthorization(HttpClient httpClient, string token)
    {
        httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
    }
}