import test from 'node:test';
import assert from 'node:assert/strict';
import request from 'supertest';
import { createApp } from '../src/app.js';

process.env.AUTH_BYPASS = 'true';
process.env.LLM_MOCK = 'true';

test('GET /healthz returns healthy response', async () => {
  const app = createApp();
  const res = await request(app).get('/healthz');

  assert.equal(res.status, 200);
  assert.equal(res.body.ok, true);
  assert.equal(typeof res.body.requestId, 'string');
  assert.equal(typeof res.headers['x-request-id'], 'string');
});

test('POST /core/create-signed-url requires auth', async () => {
  process.env.AUTH_BYPASS = 'false';
  const app = createApp();
  const res = await request(app).post('/core/create-signed-url').send({
    fileUri: 'gs://krow-workforce-dev-private/foo.pdf',
  });

  assert.equal(res.status, 401);
  assert.equal(res.body.code, 'UNAUTHENTICATED');
  process.env.AUTH_BYPASS = 'true';
});

test('POST /core/create-signed-url returns signed URL', async () => {
  const app = createApp();
  const res = await request(app)
    .post('/core/create-signed-url')
    .set('Authorization', 'Bearer test-token')
    .send({
      fileUri: 'gs://krow-workforce-dev-private/foo.pdf',
      expiresInSeconds: 300,
    });

  assert.equal(res.status, 200);
  assert.equal(typeof res.body.signedUrl, 'string');
  assert.equal(typeof res.body.expiresAt, 'string');
  assert.equal(typeof res.body.requestId, 'string');
});

test('POST /invokeLLM legacy alias works', async () => {
  const app = createApp();
  const res = await request(app)
    .post('/invokeLLM')
    .set('Authorization', 'Bearer test-token')
    .send({
      prompt: 'hello',
      responseJsonSchema: { type: 'object' },
      fileUrls: [],
    });

  assert.equal(res.status, 200);
  assert.equal(typeof res.body.result, 'object');
  assert.equal(typeof res.body.model, 'string');
});