#! /bin/bash

function setup {
    # Load helper functions
    load ../helper
    # Which forgehook implementation to use?
    if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi

    # Which CLI validator to use?
    if [ -z "$WHCK" ]; then WHCK="whck"; fi
    echo "$WHCK"
   
    export WHCK_DIR="$(mktemp -d)"
}

function teardown {
    if [ -d $WHCK_DIR ]; then rm -r $WHCK_DIR; fi
}

@test "correct signature works" {
    [ -x "$WHCK" ]
    repo="https://tildegit.org/forge/hook.sh"
    webhook="$(gen_webhook ../gitea.json "$repo")"
    secret="$($FORGEHOOK secret $repo)"
    echo -n "$secret" > $WHCK_DIR/identifier
    sig="$(hash_hmac sha256 "$webhook" "$secret")"
    # Can't echo "$webhook" | $WHCK because of bats bug which eats STDIN
    # Can't $WHCK <<< "$webhook" because bash appends a trailing newline?!
    run $WHCK hmac-sha256 identifier "$sig" < <(echo -n "$webhook")
    echo "$output"
    [ $status -eq 0 ]
}

@test "incorrect signature fails" {
    [ -x "$WHCK" ]
    repo="https://tildegit.org/forge/hook.sh"
    webhook="$(gen_webhook ../gitea.json "$repo")"
    secret="$($FORGEHOOK secret $repo)"
    echo -n "FAIL$secret" > $WHCK_DIR/identifier
    sig="$(hash_hmac sha256 "$webhook" "$secret")"
    run $WHCK hmac-sha256 identifier "$sig" < <(echo -n "$webhook")
    [ ! $status -eq 0 ]
}