import { sanitizeInput, sanitizeHTML, sanitizeURL } from './sanitize';
import { isAllowedType, validateFileSignature, isDangerousFile } from './upload';
import { generateCSRFToken, validateCSRFToken } from './csrf';
import { calculateContrastRatio, meetsWCAGStandard } from './color-contrast';
import { PerformanceMonitor } from './monitoring';

describe('Integration Tests', () => {
  describe('Input Sanitization Flow', () => {
    it('should sanitize user input end-to-end', () => {
      const userInput = '<script>alert("xss")</script>Hello World';
      const sanitized = sanitizeInput(userInput);

      expect(sanitized).not.toContain('<script>');
      expect(sanitized).toContain('Hello World');
    });

    it('should sanitize HTML content', () => {
      const htmlContent = '<p onclick="alert(1)">Safe text</p><script>evil()</script>';
      const sanitized = sanitizeHTML(htmlContent);

      expect(sanitized).not.toContain('onclick');
      expect(sanitized).not.toContain('<script>');
      expect(sanitized).toContain('Safe text');
    });

    it('should sanitize URLs', () => {
      const maliciousUrl = 'javascript:alert(1)';
      const safeUrl = 'https://example.com';

      expect(sanitizeURL(maliciousUrl)).toBe('');
      expect(sanitizeURL(safeUrl)).toBe(safeUrl);
    });
  });

  describe('CSRF Protection Flow', () => {
    it('should generate and validate CSRF tokens', () => {
      const token = generateCSRFToken();
      expect(token).toBeDefined();
      expect(typeof token).toBe('string');
      expect(token.length).toBeGreaterThan(0);

      const isValid = validateCSRFToken(token, token);
      expect(isValid).toBe(true);
    });

    it('should reject invalid CSRF tokens', () => {
      const invalidToken = 'invalid-token-123';
      const storedToken = 'different-token';
      const isValid = validateCSRFToken(invalidToken, storedToken);
      expect(isValid).toBe(false);
    });

    it('should reject empty tokens', () => {
      const isValid = validateCSRFToken('', 'some-token');
      expect(isValid).toBe(false);
    });
  });

  describe('File Validation Flow', () => {
    it('should validate allowed file types', () => {
      const isImageAllowed = isAllowedType('image/jpeg', 'image');
      const isDocAllowed = isAllowedType('application/pdf', 'document');

      expect(isImageAllowed).toBe(true);
      expect(isDocAllowed).toBe(true);
    });

    it('should reject dangerous file types', () => {
      const isDangerous = isDangerousFile('malware.exe');
      expect(isDangerous).toBe(true);

      const isSafe = isDangerousFile('document.pdf');
      expect(isSafe).toBe(false);
    });

    it('should validate file signatures', async () => {
      const pngSignature = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]);
      const isValid = validateFileSignature(pngSignature, 'image/png');
      expect(isValid).toBe(true);
    });
  });

  describe('Color Contrast Validation Flow', () => {
    it('should validate accessible color combinations', () => {
      const result = meetsWCAGStandard('#000000', '#FFFFFF', 'AA', 'normal');
      expect(result.passes).toBe(true);
      expect(result.ratio).toBeGreaterThan(4.5);
    });

    it('should reject inaccessible color combinations', () => {
      const result = meetsWCAGStandard('#CCCCCC', '#FFFFFF', 'AA', 'normal');
      expect(result.passes).toBe(false);
    });

    it('should calculate contrast ratios correctly', () => {
      const blackOnWhite = calculateContrastRatio('#000000', '#FFFFFF');
      const whiteOnBlack = calculateContrastRatio('#FFFFFF', '#000000');

      expect(blackOnWhite).toBeCloseTo(21, 0);
      expect(whiteOnBlack).toBeCloseTo(21, 0);
    });
  });

  describe('Performance Monitoring Flow', () => {
    beforeEach(() => {
      PerformanceMonitor['instance'] = null as any;
    });

    it('should track metrics across operations', () => {
      const monitor = PerformanceMonitor.getInstance();

      monitor.recordMetric('response_time', 100);
      monitor.recordMetric('response_time', 200);
      monitor.recordMetric('response_time', 150);

      const stats = monitor.getStats('response_time');
      expect(stats.count).toBe(3);
      expect(stats.avg).toBe(150);
      expect(stats.min).toBe(100);
      expect(stats.max).toBe(200);
    });

    it('should track multiple metrics independently', () => {
      const monitor = PerformanceMonitor.getInstance();

      monitor.recordMetric('api_calls', 1);
      monitor.recordMetric('api_calls', 1);
      monitor.recordMetric('db_queries', 5);
      monitor.recordMetric('db_queries', 5);

      expect(monitor.getCount('api_calls')).toBe(2);
      expect(monitor.getCount('db_queries')).toBe(2);
      expect(monitor.getAverage('api_calls')).toBe(1);
      expect(monitor.getAverage('db_queries')).toBe(5);
    });
  });

  describe('Combined Security Validation Flow', () => {
    it('should validate and sanitize user input comprehensively', () => {
      const maliciousInput = {
        name: '<script>alert("xss")</script>John',
        email: 'john@example.com',
        website: 'javascript:alert(1)',
        message: '<p onclick="evil()">Hello</p>',
      };

      const sanitized = {
        name: sanitizeInput(maliciousInput.name),
        email: sanitizeInput(maliciousInput.email),
        website: sanitizeURL(maliciousInput.website),
        message: sanitizeHTML(maliciousInput.message),
      };

      expect(sanitized.name).not.toContain('<script>');
      expect(sanitized.email).toBe('john@example.com');
      expect(sanitized.website).toBe('');
      expect(sanitized.message).not.toContain('onclick');
    });

    it('should validate file upload with CSRF protection', () => {
      const csrfToken = generateCSRFToken();
      const isValidCSRF = validateCSRFToken(csrfToken, csrfToken);
      expect(isValidCSRF).toBe(true);

      const isAllowed = isAllowedType('application/pdf', 'document');
      expect(isAllowed).toBe(true);
    });
  });
});