use std::ffi::CStr;
use std::marker::Sized;
use {set_debug, AdminAuthenticatedDevice, CommandError, CommandStatus, Config, Device, Model,
     OtpMode, OtpSlotData, UnauthenticatedDevice};

static ADMIN_PASSWORD: &str = "12345678";
static USER_PASSWORD: &str = "123456";

// test suite according to RFC 4226, Appendix D
static HOTP_SECRET: &str = "3132333435363738393031323334353637383930";
static HOTP_CODES: &[&str] = &[
    "755224", "287082", "359152", "969429", "338314", "254676", "287922", "162583", "399871",
    "520489",
];

// test suite according to RFC 6238, Appendix B
static TOTP_SECRET: &str = "3132333435363738393031323334353637383930";
static TOTP_CODES: &[(u64, &str)] = &[
    (59, "94287082"),
    (1111111109, "07081804"),
    (1111111111, "14050471"),
    (1234567890, "89005924"),
    (2000000000, "69279037"),
    (20000000000, "65353130"),
];

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn connect() {
    set_debug(false);
    assert!(::connect().is_ok());
    assert!(::connect_model(Model::Pro).is_ok());
    assert!(::connect_model(Model::Storage).is_err());
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn disconnect() {
    set_debug(false);
    ::connect().unwrap().disconnect();
    unsafe {
        let ptr = ::nitrokey_sys::NK_device_serial_number();
        assert!(!ptr.is_null());
        let cstr = CStr::from_ptr(ptr);
        assert_eq!(cstr.to_string_lossy(), "");
    }
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn get_serial_number() {
    set_debug(false);
    let device = ::connect().unwrap();
    let result = device.get_serial_number();
    assert!(result.is_ok());
    let serial_number = result.unwrap();
    assert!(serial_number.is_ascii());
    assert!(serial_number.chars().all(|c| c.is_ascii_hexdigit()));
}

fn configure_hotp(admin: &AdminAuthenticatedDevice) {
    let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
    assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
}

fn check_hotp_codes<T: Device>(device: &T)
where
    T: Sized,
{
    for code in HOTP_CODES {
        let result = device.get_hotp_code(1);
        assert_eq!(code, &result.unwrap());
    }
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn hotp() {
    set_debug(false);
    let device = ::connect().unwrap();
    let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();
    let config = Config::new(None, None, None, false);
    assert_eq!(CommandStatus::Success, admin.write_config(config));

    configure_hotp(&admin);
    check_hotp_codes(&admin);

    configure_hotp(&admin);
    check_hotp_codes(&admin.device());
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn hotp_pin() {
    set_debug(false);
    let device = ::connect().unwrap();
    let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();
    let config = Config::new(None, None, None, true);
    assert_eq!(CommandStatus::Success, admin.write_config(config));

    configure_hotp(&admin);
    let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
    check_hotp_codes(&user);

    // TODO: enable for newer libnitrokey
    // assert!(user.device().get_hotp_code(1).is_err());
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn hotp_slot_name() {
    set_debug(false);
    let device = ::connect().unwrap();

    let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();
    let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
    assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));

    let result = admin.device().get_hotp_slot_name(1);
    assert_eq!("test-hotp", result.unwrap());
}

fn configure_totp(admin: &AdminAuthenticatedDevice) {
    let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
    assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 30));
}

fn check_totp_codes<T: Device>(device: &T)
where
    T: Sized,
{
    for (i, &(time, code)) in TOTP_CODES.iter().enumerate() {
        assert_eq!(CommandStatus::Success, device.set_time(time));
        let result = device.get_totp_code(1);
        assert!(result.is_ok());
        let result_code = result.unwrap();
        assert_eq!(
            code, result_code,
            "TOTP code {} should be {} but is {}",
            i, code, result_code
        );
    }
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn totp() {
    // TODO: this test may fail due to bad timing --> find solution
    set_debug(false);
    let device = ::connect().unwrap();
    let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();
    let config = Config::new(None, None, None, false);
    assert_eq!(CommandStatus::Success, admin.write_config(config));

    configure_totp(&admin);
    check_totp_codes(&admin);

    configure_totp(&admin);
    check_totp_codes(&admin.device());
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn totp_pin() {
    // TODO: this test may fail due to bad timing --> find solution
    set_debug(false);
    let device = ::connect().unwrap();
    let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();
    let config = Config::new(None, None, None, true);
    assert_eq!(CommandStatus::Success, admin.write_config(config));

    configure_totp(&admin);
    let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
    check_totp_codes(&user);

    // TODO: enable for newer libnitrokey
    // assert!(user.device().get_totp_code(1).is_err());
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn totp_slot_name() {
    set_debug(false);
    let device = ::connect().unwrap();

    let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();
    let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
    assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 0));

    let result = admin.device().get_totp_slot_name(1);
    assert!(result.is_ok());
    assert_eq!("test-totp", result.unwrap());
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn get_major_firmware_version() {
    set_debug(false);
    // TODO fix for different libnitrokey versions
    assert_eq!(8, ::connect().unwrap().get_major_firmware_version());
}

fn admin_retry(device: UnauthenticatedDevice, suffix: &str, count: u8) -> UnauthenticatedDevice {
    let result = device.authenticate_admin(&(ADMIN_PASSWORD.to_owned() + suffix));
    let device = match result {
        Ok(admin) => admin.device(),
        Err((device, _)) => device,
    };
    assert_eq!(count, device.get_admin_retry_count());
    return device;
}

fn user_retry(device: UnauthenticatedDevice, suffix: &str, count: u8) -> UnauthenticatedDevice {
    let result = device.authenticate_user(&(USER_PASSWORD.to_owned() + suffix));
    let device = match result {
        Ok(admin) => admin.device(),
        Err((device, _)) => device,
    };
    assert_eq!(count, device.get_user_retry_count());
    return device;
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn get_retry_count() {
    set_debug(false);
    let device = ::connect().unwrap();

    let device = admin_retry(device, "", 3);
    let device = admin_retry(device, "123", 2);
    let device = admin_retry(device, "456", 1);
    let device = admin_retry(device, "", 3);

    let device = user_retry(device, "", 3);
    let device = user_retry(device, "123", 2);
    let device = user_retry(device, "456", 1);
    user_retry(device, "", 3);
}

#[test]
#[cfg_attr(not(feature = "test-pro"), ignore)]
fn read_write_config() {
    set_debug(false);
    let device = ::connect().unwrap();

    let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();

    let config = Config::new(None, None, None, true);
    assert_eq!(CommandStatus::Success, admin.write_config(config));
    let get_config = admin.get_config().unwrap();
    assert_eq!(config, get_config);

    let config = Config::new(None, Some(9), None, true);
    assert_eq!(
        CommandStatus::Error(CommandError::InvalidSlot),
        admin.write_config(config)
    );

    let config = Config::new(Some(1), None, Some(0), false);
    assert_eq!(CommandStatus::Success, admin.write_config(config));
    let get_config = admin.get_config().unwrap();
    assert_eq!(config, get_config);

    let config = Config::new(None, None, None, false);
    assert_eq!(CommandStatus::Success, admin.write_config(config));
    let get_config = admin.get_config().unwrap();
    assert_eq!(config, get_config);
}