#!/usr/bin/env bash
# HTTP + lib contract testleri (CI php-integration job).
set -euo pipefail

ROOT="$(cd "$(dirname "$0")/.." && pwd)"
PORT="${FAUNAMIX_TEST_API_PORT:-18080}"
HOST="127.0.0.1"
BASE="http://${HOST}:${PORT}"

export FAUNAMIX_RATE_LIMIT_ENABLED=0
export FAUNAMIX_ALLOW_ANY_ORIGIN=1

if [[ -f "$ROOT/api/.env" ]]; then
  set -a
  # shellcheck disable=SC1091
  source "$ROOT/api/.env"
  set +a
fi

if [[ "${FAUNAMIX_CI_BOOTSTRAP_DB:-1}" == "1" ]]; then
  "$ROOT/scripts/ci-bootstrap-test-db.sh"
fi

PHP_BIN="${FAUNAMIX_PHP_BIN:-php}"
if ! command -v curl >/dev/null 2>&1; then
  echo "[integration] curl gerekli" >&2
  exit 1
fi

cd "$ROOT"
$PHP_BIN -S "${HOST}:${PORT}" >/tmp/faunamix-php-integration.log 2>&1 &
SERVER_PID=$!
cleanup() {
  kill "$SERVER_PID" 2>/dev/null || true
}
trap cleanup EXIT

for _ in $(seq 1 40); do
  if curl -sf "${BASE}/api/health.php" >/dev/null 2>&1; then
    break
  fi
  sleep 0.25
done

FAIL=0
assert_status() {
  local name="$1"
  local expect="$2"
  local url="$3"
  local method="${4:-GET}"
  local body="${5:-}"
  local extra_args=("${@:6}")
  local code
  if [[ "$method" == "POST" ]]; then
    if ((${#extra_args[@]} > 0)); then
      code=$(curl -s -o /tmp/faunamix-int-body.json -w "%{http_code}" -X POST \
        -H "Content-Type: application/json" \
        "${extra_args[@]}" \
        ${body:+-d "$body"} \
        "$url")
    else
      code=$(curl -s -o /tmp/faunamix-int-body.json -w "%{http_code}" -X POST \
        -H "Content-Type: application/json" \
        ${body:+-d "$body"} \
        "$url")
    fi
  else
    if ((${#extra_args[@]} > 0)); then
      code=$(curl -s -o /tmp/faunamix-int-body.json -w "%{http_code}" "${extra_args[@]}" "$url")
    else
      code=$(curl -s -o /tmp/faunamix-int-body.json -w "%{http_code}" "$url")
    fi
  fi
  if [[ "$code" != "$expect" ]]; then
    echo "[FAIL] $name — beklenen HTTP $expect, gelen $code"
    head -c 400 /tmp/faunamix-int-body.json 2>/dev/null || true
    echo ""
    FAIL=1
  else
    echo "[OK] $name — HTTP $code"
  fi
}

assert_json_field() {
  local name="$1"
  local jq_expr="$2"
  if ! $PHP_BIN -r '
    $raw = file_get_contents("/tmp/faunamix-int-body.json");
    $j = json_decode($raw, true);
    if (!is_array($j)) { fwrite(STDERR, "json invalid\n"); exit(1); }
    $expr = getenv("EXPR");
    if ($expr === "ok" && empty($j["ok"])) { exit(1); }
    if ($expr === "db" && (($j["checks"]["db"] ?? "") !== "ok")) { exit(1); }
    exit(0);
  ' EXPR="$jq_expr" 2>/dev/null; then
    echo "[FAIL] $name — JSON assertion ($jq_expr)"
    FAIL=1
  fi
}

# 1 health
assert_status "health" "200" "${BASE}/api/health.php"
assert_json_field "health.ok" "ok"
assert_json_field "health.db" "db"

# 2 filter
assert_status "filter" "200" "${BASE}/api/filter.php" POST '{"category_slug":null,"page":1,"page_size":5}'

# 3 product invalid id
assert_status "product_invalid" "400" "${BASE}/api/product.php?id=0"

# 4 checkout empty items
assert_status "checkout_empty" "400" "${BASE}/api/checkout_create.php" POST \
  '{"items":[],"customer":{"full_name":"Test User","email":"t@example.com","phone":"5551234567","identity_no":"12345678901","city":"Muğla","district":"Fethiye","address_line":"Test Adres 1"},"legal_acceptances":{"mesafeli":true,"on_bilgilendirme":true,"iade":true,"gizlilik":true}}'

# 5 payment callback missing token
code=$(curl -s -o /tmp/faunamix-int-body.txt -w "%{http_code}" -X POST \
  -d "token=&conversationId=" "${BASE}/api/payment_callback_iyzico.php")
if [[ "$code" != "400" ]]; then
  echo "[FAIL] payment_callback_missing — beklenen 400, gelen $code"
  FAIL=1
else
  echo "[OK] payment_callback_missing — HTTP 400"
fi

# 6 shop login invalid
assert_status "shop_login_invalid" "401" "${BASE}/api/shop_login.php" POST \
  '{"email":"nobody@example.com","password":"wrong-password-xyz"}'
if grep -q 'stack trace\|Trace:' /tmp/faunamix-int-body.json 2>/dev/null; then
  echo "[FAIL] shop_login — stack trace sızıntısı"
  FAIL=1
fi

# 7 admin without auth
assert_status "admin_ops_unauth" "401" "${BASE}/api/admin_ops_health.php"

# 8 iyzico signature lib (no HTTP)
if [[ -d "$ROOT/api/vendor" ]]; then
  if ! $PHP_BIN "$ROOT/api/tests/iyzico_signature_contract.php"; then
    echo "[FAIL] iyzico_signature_contract"
    FAIL=1
  else
    echo "[OK] iyzico_signature_contract"
  fi
else
  echo "[SKIP] iyzico_signature_contract — composer install gerekli"
fi

# 9 checkout idempotency lib (no HTTP)
if ! $PHP_BIN "$ROOT/api/tests/checkout_idempotency_contract.php"; then
  echo "[FAIL] checkout_idempotency_contract"
  FAIL=1
else
  echo "[OK] checkout_idempotency_contract"
fi

# 10 iyzico paidPrice / taksit lib (no HTTP)
if ! $PHP_BIN "$ROOT/api/tests/iyzico_paid_price_contract.php"; then
  echo "[FAIL] iyzico_paid_price_contract"
  FAIL=1
else
  echo "[OK] iyzico_paid_price_contract"
fi

# 11 payment callback SUCCESS field guards (no HTTP)
if ! $PHP_BIN "$ROOT/api/tests/payment_callback_fields_contract.php"; then
  echo "[FAIL] payment_callback_fields_contract"
  FAIL=1
else
  echo "[OK] payment_callback_fields_contract"
fi

# 12 payment session supersede / capture pending (no HTTP)
if ! $PHP_BIN "$ROOT/api/tests/ecommerce_payment_session_contract.php"; then
  echo "[FAIL] ecommerce_payment_session_contract"
  FAIL=1
else
  echo "[OK] ecommerce_payment_session_contract"
fi

if [[ "$FAIL" -ne 0 ]]; then
  echo ""
  echo "Integration testleri basarisiz. Log: /tmp/faunamix-php-integration.log"
  exit 1
fi

echo ""
echo "Tum integration testleri gecti."
exit 0