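;; disfluid, implementation of the Solid specification
;; Copyright (C) 2020, 2021  Vivien Kraus

;; This program is free software: you can redistribute it and/or modify
;; it under the terms of the GNU Affero General Public License as
;; published by the Free Software Foundation, either version 3 of the
;; License, or (at your option) any later version.

;; This program is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;; GNU Affero General Public License for more details.

;; You should have received a copy of the GNU Affero General Public License
;; along with this program.  If not, see <https://www.gnu.org/licenses/>.

(define-module (tests client-manifest)
  #:use-module (webid-oidc client-manifest)
  #:use-module (webid-oidc cache)
  #:use-module (webid-oidc testing)
  #:use-module ((webid-oidc parameters) #:prefix p:)
  #:use-module (webid-oidc errors)
  #:use-module (web uri)
  #:use-module (srfi srfi-19)
  #:use-module (web response)
  #:use-module (ice-9 optargs)
  #:use-module (ice-9 receive)
  #:use-module (oop goops)
  #:declarative? #t
  #:duplicates (merge-generics))

;; Test of the client manifest: a manifest is fetched from a client ID
;; through a mocked anonymous HTTP request, its redirect URI check is
;; exercised, and the manifest is served and parsed again.  Each failed
;; expectation leaves through a distinct non-zero exit code.
(with-test-environment
 "client-manifest"
 (lambda ()
   ;; Response and body handed out by the mocked HTTP backend.  Both are
   ;; replaced further down by what `serve' produces, so that the second
   ;; fetch reads the re-served manifest.
   (define what-to-respond
     (build-response #:headers '((content-type application/ld+json))))
   (define what-to-respond-body
     (string-append
      "{ "
      "\"client_id\" : \"https://app.example.com/id#app\", "
      "\"redirect_uris\" : [\"https://app.example.com/callback\"], "
      "\"client_name\" : \"Solid Application Name\", "
      "\"client_uri\" : \"https://app.example.com/\", "
      "\"logo_uri\" : \"https://app.example.com/logo.png\", "
      "\"tos_uri\" : \"https://app.example.com/tos.html\", "
      "\"scope\" : \"openid profile offline_access\", "
      "\"grant_types\" : [\"refresh_token\",\"authorization_code\"], "
      "\"response_types\" : [\"code\"], "
      "\"default_max_age\" : 60000, "
      "\"require_auth_time\" : true }"))
   ;; Mock installed as p:anonymous-http-request.  It accepts the URI as
   ;; a string or as a URI record.
   (define* (respond uri #:key (headers '()))
     ;; Exit 1: the manifest fetch is expected to carry no extra request
     ;; headers at all.
     (unless (equal? headers '())
       (exit 1))
     (when (string? uri)
       (set! uri (string->uri uri)))
     ;; Exit 2: the only URI that may be dereferenced is the client ID.
     (unless (equal? uri (string->uri "https://app.example.com/id#app"))
       (exit 2))
     (values what-to-respond what-to-respond-body))
   (parameterize ((p:anonymous-http-request respond))
     (use-cache
      (lambda ()
        ;; NOTE(review): the captured listing had `(make #:client-id ...)'
        ;; with no class argument, which GOOPS `make' cannot dispatch on.
        ;; Angle-bracketed tokens appear to have been stripped from the
        ;; page (the license URL is missing too); <client-manifest> is
        ;; the assumed class name -- confirm against
        ;; (webid-oidc client-manifest).
        (define mf
          (parameterize ((p:current-date 0))
            (make <client-manifest>
              #:client-id "https://app.example.com/id#app")))
        (define id (client-id mf))
        ;; Exit 3: the manifest reports the client ID it was built from.
        (unless (equal? id (string->uri "https://app.example.com/id#app"))
          (exit 3))
        ;; Exit 4: the redirect URI listed in the manifest is accepted.
        (unless (check-redirect-uri mf "https://app.example.com/callback")
          (exit 4))
        ;; A redirect URI that the manifest does not list must be refused
        ;; with &unauthorized-redirect-uri; accepting it would let an
        ;; authorization response be delivered somewhere other than the
        ;; registered client.  Exit 5: another condition type was raised.
        ;; Exit 55: nothing was raised at all.
        ;; NOTE(review): only a different host is exercised here.  Near
        ;; misses on the registered host (extra path segment, other
        ;; scheme or port, appended query) are not covered and would be
        ;; worth pinning down in further cases.
        (with-exception-handler
            (lambda (error)
              (unless (unauthorized-redirect-uri? error)
                (exit 5)))
          (lambda ()
            (check-redirect-uri mf "https://fraudulent-app.example.com/callback")
            (exit 55))
          #:unwind? #t
          #:unwind-for-type &unauthorized-redirect-uri)
        ;; NOTE(review): the date passed to `serve' is 3600 seconds after
        ;; the epoch; presumably an expiration date -- confirm.
        (receive (response response-body)
            (serve mf (time-utc->date (make-time time-utc 0 3600)))
          ;; Exit 6: the manifest is served as JSON-LD.
          (unless (equal? (response-content-type response)
                          '(application/ld+json))
            (exit 6))
          ;; Feed the served manifest back through the mock and parse it
          ;; again.
          (set! what-to-respond response)
          (set! what-to-respond-body response-body)
          (let ((re-parsed
                 (parameterize ((p:current-date 10))
                   (make <client-manifest>
                     #:client-id "https://app.example.com/id#app"))))
            ;; Exit 9: the round trip must keep the client ID and the
            ;; registered redirect URI.  The earlier form compared
            ;; `(assq-ref mf key)' on both manifests; `assq-ref' returns
            ;; #f for anything that is not an association list, so with
            ;; manifest objects both sides were #f and the comparison
            ;; could never fail.
            (unless (equal? (client-id mf) (client-id re-parsed))
              (exit 9))
            (unless (check-redirect-uri re-parsed
                                        "https://app.example.com/callback")
              (exit 9)))))))))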