;; webid-oidc, implementation of the Solid specification
;; Copyright (C) 2020, 2021  Vivien Kraus

;; This program is free software: you can redistribute it and/or modify
;; it under the terms of the GNU Affero General Public License as
;; published by the Free Software Foundation, either version 3 of the
;; License, or (at your option) any later version.

;; This program is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;; GNU Affero General Public License for more details.

;; You should have received a copy of the GNU Affero General Public License
;; along with this program.  If not, see <https://www.gnu.org/licenses/>.

(use-modules (webid-oidc client-manifest)
             (webid-oidc cache)
             (webid-oidc testing)
             (webid-oidc errors)
             (web uri)
             (srfi srfi-19)
             (web response)
             (ice-9 optargs)
             (ice-9 receive))

;; In this example, the client_id of the oidcRegistration does not
;; match the base URI.

(with-test-environment
 "client-manifest-fraudulent"
 (lambda ()
   (define the-current-time 0)
   (define (current-time)
     (make-time time-utc 0 the-current-time))
   (define what-to-respond
     (build-response #:headers '((content-type text/turtle))))
   (define what-to-respond-body
     "{
    \"client_id\" : \"https://app.example.com/id#app\",
    \"redirect_uris\" : [\"https://app.example.com/callback\"],
    \"client_name\" : \"Solid Application Name\",
    \"client_uri\" : \"https://app.example.com/\",
    \"logo_uri\" : \"https://app.example.com/logo.png\",
    \"tos_uri\" : \"https://app.example.com/tos.html\",
    \"scope\" : \"openid profile offline_access\",
    \"grant_types\" : [\"refresh_token\",\"authorization_code\"],
    \"response_types\" : [\"code\"],
    \"default_max_age\" : 60000,
    \"require_auth_time\" : true
    }")
   (define headers-to-expect
     '())
   (define uri-to-expect
     (string->uri "https://fraudulent-app.example.com/id#app"))
   (define* (respond uri #:key (headers '()))
     (when (string? uri)
       (set! uri (string->uri uri)))
     (unless (equal? uri uri-to-expect)
       (exit 1))
     (unless (equal? headers headers-to-expect)
       (exit 2))
     (values what-to-respond what-to-respond-body))
   (define cache-http-get
     (with-cache
      #:current-time current-time
      #:http-get respond))
   (with-exception-handler
       (lambda (error)
         (unless ((record-predicate &inconsistent-client-manifest-id)
                  ((record-accessor &cannot-fetch-client-manifest 'cause) error))
           (exit 3)))
     (lambda ()
       (get-client-manifest
        (string->uri "https://fraudulent-app.example.com/id#app")
        #:http-get cache-http-get)
       (exit 4))
     #:unwind? #t
     #:unwind-for-type &cannot-fetch-client-manifest)))