import { describe, it, expect, afterEach } from 'vitest'
import { getAuthConfig } from '../../server/utils/authConfig.js'

describe('authConfig', () => {
  const origEnv = { ...process.env }

  afterEach(() => {
    process.env = { ...origEnv }
  })

  it('returns oidc disabled when OIDC env vars are unset', () => {
    delete process.env.OIDC_ISSUER
    delete process.env.OIDC_CLIENT_ID
    delete process.env.OIDC_CLIENT_SECRET
    expect(getAuthConfig()).toEqual({
      oidc: { enabled: false, label: '' },
    })
  })

  it('returns oidc disabled when only some OIDC vars are set', () => {
    process.env.OIDC_ISSUER = 'https://auth.example.com'
    process.env.OIDC_CLIENT_ID = 'client'
    delete process.env.OIDC_CLIENT_SECRET
    expect(getAuthConfig().oidc.enabled).toBe(false)
  })

  it('returns oidc enabled and default label when all OIDC vars are set', () => {
    process.env.OIDC_ISSUER = 'https://auth.example.com'
    process.env.OIDC_CLIENT_ID = 'client'
    process.env.OIDC_CLIENT_SECRET = 'secret'
    const config = getAuthConfig()
    expect(config.oidc.enabled).toBe(true)
    expect(config.oidc.label).toBe('Sign in with OIDC')
  })

  it('uses OIDC_LABEL when set', () => {
    process.env.OIDC_ISSUER = 'https://auth.example.com'
    process.env.OIDC_CLIENT_ID = 'client'
    process.env.OIDC_CLIENT_SECRET = 'secret'
    process.env.OIDC_LABEL = 'Sign in with Authentik'
    expect(getAuthConfig().oidc.label).toBe('Sign in with Authentik')
  })
})