package test

import (
	"testing"
	"fmt"
	"os"
)

func TestAuthHook(t *testing.T) {
	e := newEnv(t)
	defer e.Free()

	c := e.newInstance()

	var secrets string

	f, err := os.CreateTemp("", "test-auth-")
	if err != nil {
		e.Fatalf("create temp: %v", err)
	}

	secrets = f.Name()

	fmt.Fprintln(f, "T t")
	fmt.Fprintln(f, "X x")
	f.Close()

	defer os.Remove(secrets)

	c.Exec("add name T listen,addr=%%0 auth aes dial,addr=@[tunnel.X.listen]")
	c.Exec("add name X listen,addr=%%0 /aes /auth dial,addr=@[addr]")

	c.Exec("set authfile %s", secrets)
	c.Exec("set tunnel.T.authuser T")
	c.Exec("set tunnel.X.authuser X")

	listen := e.Listen("tcp", "127.0.0.1:0")
	c.Set("addr", listen.Addr())

	out := e.Dial("tcp", c.Get("tunnel.T.listen"))
	in := e.Accept(listen)

	e.Write(out, dummy)

	buf := make([]byte, len(dummy))
	e.ReadFull(in, buf)

	if r := string(buf); r != dummy {
		e.Fatalf("wrong reply: send '%s', recv '%s'", dummy, r)
	}
}

func TestAuthPassiveHook(t *testing.T) {
	e := newEnv(t)
	defer e.Free()

	c := e.newInstance()

	var secrets string

	f, err := os.CreateTemp("", "test-auth-passive-")
	if err != nil {
		e.Fatalf("create temp: %v", err)
	}

	secrets = f.Name()

	fmt.Fprintln(f, "T t")
	f.Close()

	defer os.Remove(secrets)

	c.Exec("add name T listen,addr=%%0 auth aes dial,addr=@[tunnel.X.listen]")
	c.Exec("add name X listen,addr=%%0 /aes /auth,passive dial,addr=@[addr]")

	c.Exec("set authfile %s", secrets)
	c.Exec("set tunnel.T.authuser T")

	listen := e.Listen("tcp", "127.0.0.1:0")
	c.Set("addr", listen.Addr())

	out := e.Dial("tcp", c.Get("tunnel.T.listen"))
	in := e.Accept(listen)

	e.Write(out, dummy)

	buf := make([]byte, len(dummy))
	e.ReadFull(in, buf)

	if r := string(buf); r != dummy {
		e.Fatalf("wrong reply: send '%s', recv '%s'", dummy, r)
	}
}