import pytest

from signing_service.application.use_cases.sign_document import (
    SignDocumentUseCase,
)
from signing_service.application.use_cases.sign_document_dto import (
    SignDocumentCommand,
)
from signing_service.infrastructure.pdf.fake_pdf_signer import FakePDFSigner
from signing_service.infrastructure.secrets.fake_secret_manager import (
    FakeSecretManager,
)


def test_sign_document_success():
    # GIVEN: dependencias fake
    fake_secrets = {
        "pdf-signing-cert": "FAKE_CERTIFICATE_DATA"
    }
    secret_manager = FakeSecretManager(fake_secrets)
    pdf_signer = FakePDFSigner()

    use_case = SignDocumentUseCase(
        secret_manager=secret_manager,
        pdf_signer=pdf_signer,
    )

    original_pdf = b"%PDF-1.4 fake pdf content"

    command = SignDocumentCommand(
        pdf_bytes=original_pdf,
        certificate_secret_name="pdf-signing-cert",
        certificate_password_secret_name="pdf-signing-cert-password",
    )

    # WHEN: ejecutamos el caso de uso
    result = use_case.execute(command)

    # THEN: el PDF está "firmado"
    assert result.signed_pdf_bytes.startswith(original_pdf)
    assert b"FAKE_CERTIFICATE_DATA" in result.signed_pdf_bytes


def test_sign_document_secret_not_found():
    secret_manager = FakeSecretManager(secrets={})
    pdf_signer = FakePDFSigner()

    use_case = SignDocumentUseCase(
        secret_manager=secret_manager,
        pdf_signer=pdf_signer,
    )

    command = SignDocumentCommand(
        pdf_bytes=b"fake pdf",
        certificate_secret_name="missing-secret",
    )

    with pytest.raises(ValueError):
        use_case.execute(command)