import pytest

from httmock import HTTMock

from data import model
from data.users.oidc import OIDCInternalAuth
from oauth.test.test_oidc import *
from test.fixtures import *


@pytest.mark.parametrize('username, expect_success', [
    ('devtable', True),
    ('disabled', False),
])
def test_oidc_login(username, expect_success, app_config, id_token, jwks_handler,
                    discovery_handler, app):
    """Check that OIDC internal auth only accepts a valid token for a linked user.

    Three credential checks run against the mocked JWKS and discovery
    endpoints, and each must return a ``(user, error)`` pair:

    1. A token that is not a valid ID token is rejected.
    2. A valid ID token is rejected while no local user is linked to it.
    3. After linking ``username`` to the ``someoidc`` service, the same token
       succeeds only when ``expect_success`` is true.

    The username handed to ``verify_credentials`` is always ``'someusername'``,
    yet the successful case must return the linked account. The test therefore
    pins that the identity comes from the token and the federated link, not
    from the caller-supplied username.

    Fixtures come from the star imports above. ``app`` is requested but never
    referenced; presumably it sets up the application and database (confirm
    in ``test.fixtures``).
    """
    # NOTE(review): the meaning of the third positional argument (False) is
    # not visible from this file; confirm against OIDCInternalAuth.
    oidc_auth = OIDCInternalAuth(app_config, 'someoidc', False)

    with HTTMock(jwks_handler, discovery_handler):
        # 1. A string that is not a valid token must fail verification.
        found, failure = oidc_auth.verify_credentials('someusername', 'invalidtoken')
        assert failure is not None
        assert found is None

        # 2. A valid token must still fail while no account is linked to it.
        found, failure = oidc_auth.verify_credentials('someusername', id_token)
        assert failure is not None
        assert found is None

        # Link the account under test to the OIDC service.
        # 'cooluser' is presumably the subject carried by the id_token fixture
        # (verify in oauth.test.test_oidc).
        account = model.user.get_user(username)
        model.user.attach_federated_login(account, 'someoidc', 'cooluser')

        # 3. With the link in place, the outcome depends on the account.
        found, failure = oidc_auth.verify_credentials('someusername', id_token)
        if not expect_success:
            # The 'disabled' account must stay locked out even though its
            # token is valid and the federated link exists.
            assert failure is not None
            assert found is None
            return

        assert failure is None
        assert found.username == username