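const crypto = require('node:crypto');
const axios = require('axios');

// Configuration
const BASE_URL = 'http://localhost:3000/api';
const FRONTEND_URL = 'http://localhost:3001';
// Single source of truth for the redirect URI. It has to match byte-for-byte
// across client registration, the authorize request, the consent call and the
// token exchange; a conforming server rejects the flow otherwise.
const REDIRECT_URI = 'http://localhost:3001/callback';
const SCOPE = 'read write';

// Throw-away test user; the timestamp keeps repeated runs from colliding.
const testUser = {
  username: `testuser_${Date.now()}`,
  email: `testuser_${Date.now()}@example.com`,
  password: 'TestPassword123',
};

// Throw-away OAuth client registered for this run.
const testClient = {
  client_name: '测试应用',
  description: '这是一个测试OAuth流程的应用',
  redirect_uris: [REDIRECT_URI],
};

/**
 * Record a failed step: print the server-provided detail and make the process
 * exit non-zero so a CI runner notices. Returns false so callers can write
 * `return fail(...)` from the flow.
 * @param {string} label - step description shown to the user
 * @param {unknown} detail - server message or error payload
 * @returns {false}
 */
function fail(label, detail) {
  console.log(label, detail);
  process.exitCode = 1;
  return false;
}

/**
 * Build the axios request config carrying a bearer token.
 * @param {string} token - JWT or opaque token issued by the login endpoint
 * @returns {{ headers: { Authorization: string } }}
 */
function bearer(token) {
  return { headers: { Authorization: `Bearer ${token}` } };
}

/**
 * Truncate a credential for logging so a full secret never lands in captured
 * test output. Always appends "..." to make the truncation visible.
 * @param {unknown} value - secret to redact
 * @param {number} [visible=20] - number of leading characters to keep
 * @returns {string}
 */
function maskSecret(value, visible = 20) {
  return `${String(value ?? '').slice(0, visible)}...`;
}

/**
 * Check that the redirect URL returned after consent carries the `state`
 * value we sent, unchanged. The authorization-code flow puts it in the query
 * string; an unparsable or missing URL counts as a mismatch.
 * @param {unknown} redirectUrl - `redirect_url` from the consent response
 * @param {string} expectedState - value sent in the authorize request
 * @returns {boolean}
 */
function redirectEchoesState(redirectUrl, expectedState) {
  try {
    return new URL(String(redirectUrl)).searchParams.get('state') === expectedState;
  } catch {
    return false;
  }
}

/**
 * Build the front-end authorize link with URLSearchParams so every parameter
 * (notably redirect_uri and the space in scope) is properly encoded.
 * @param {string} clientId - client_id returned by the clients endpoint
 * @param {string} state - fresh unpredictable state value for the manual test
 * @returns {string}
 */
function frontendAuthorizeUrl(clientId, state) {
  const url = new URL('/oauth/authorize', FRONTEND_URL);
  url.searchParams.set('client_id', clientId);
  url.searchParams.set('redirect_uri', REDIRECT_URI);
  url.searchParams.set('scope', SCOPE);
  url.searchParams.set('state', state);
  return url.toString();
}

/**
 * Drive the authorization-code flow end to end against the local backend:
 * register, login, create client, fetch authorize info, consent, exchange the
 * code for tokens and call userinfo. Every step stops the run on the first
 * failure and sets a non-zero exit code; secrets are printed truncated.
 * @returns {Promise<boolean>} true when every step succeeded
 */
async function testOAuthFlow() {
  console.log('🚀 开始测试OAuth授权流程...\n');
  // Per-run unpredictable state; the server must echo it back unchanged,
  // which step 5 verifies.
  const state = crypto.randomUUID();

  try {
    // 1. Register user
    console.log('1. 注册测试用户...');
    const registerResponse = await axios.post(`${BASE_URL}/auth/register`, testUser);
    if (!registerResponse.data.success) {
      return fail('❌ 用户注册失败:', registerResponse.data.message);
    }
    console.log('✅ 用户注册成功');

    // 2. Login
    console.log('\n2. 用户登录...');
    const loginResponse = await axios.post(`${BASE_URL}/auth/login`, {
      username: testUser.username,
      password: testUser.password,
    });
    if (!loginResponse.data.success) {
      return fail('❌ 用户登录失败:', loginResponse.data.message);
    }
    const userToken = loginResponse.data.data.token;
    console.log('✅ 用户登录成功');

    // 3. Create OAuth client
    console.log('\n3. 创建OAuth客户端...');
    const clientResponse = await axios.post(`${BASE_URL}/oauth/clients`, testClient, bearer(userToken));
    if (!clientResponse.data.success) {
      return fail('❌ OAuth客户端创建失败:', clientResponse.data.message);
    }
    const { client_id: clientId, client_secret: clientSecret } = clientResponse.data.data;
    console.log('✅ OAuth客户端创建成功');
    console.log(`   客户端ID: ${clientId}`);
    // Prefix only: the client secret is a credential and this output is captured.
    console.log(`   客户端密钥: ${maskSecret(clientSecret)}`);

    // 4. Fetch authorize info
    console.log('\n4. 获取授权信息...');
    const authParams = new URLSearchParams({
      response_type: 'code',
      client_id: clientId,
      redirect_uri: REDIRECT_URI,
      scope: SCOPE,
      state,
    });
    const authResponse = await axios.get(`${BASE_URL}/oauth/authorize?${authParams}`, bearer(userToken));
    if (!authResponse.data.success) {
      return fail('❌ 授权信息获取失败:', authResponse.data.message);
    }
    const { client: authClient, scopes } = authResponse.data.data;
    console.log('✅ 授权信息获取成功');
    console.log(`   应用名称: ${authClient.name}`);
    console.log(`   应用描述: ${authClient.description}`);
    console.log(`   请求权限: ${scopes.join(', ')}`);

    // 5. User consent
    console.log('\n5. 用户同意授权...');
    const consentResponse = await axios.post(
      `${BASE_URL}/oauth/authorize/consent`,
      {
        client_id: clientId,
        redirect_uri: REDIRECT_URI,
        scope: SCOPE,
        state,
        approved: true,
      },
      bearer(userToken),
    );
    if (!consentResponse.data.success) {
      return fail('❌ 用户同意授权失败:', consentResponse.data.message);
    }
    const { redirect_url: redirectUrl, code } = consentResponse.data.data;
    console.log('✅ 用户同意授权成功');
    console.log(`   重定向URL: ${redirectUrl}`);
    console.log(`   授权码: ${code}`);
    // A state value that does not round-trip means the client could not bind
    // the callback to its own request; treat it as a failed step.
    if (!redirectEchoesState(redirectUrl, state)) {
      return fail('❌ 重定向URL中的state与请求不一致:', redirectUrl);
    }

    // 6. Exchange the authorization code for tokens
    console.log('\n6. 使用授权码交换访问令牌...');
    const tokenResponse = await axios.post(`${BASE_URL}/oauth/token`, {
      grant_type: 'authorization_code',
      client_id: clientId,
      client_secret: clientSecret,
      code,
      redirect_uri: REDIRECT_URI,
    });
    if (!tokenResponse.data.success) {
      return fail('❌ 访问令牌获取失败:', tokenResponse.data.message);
    }
    const { access_token: accessToken, refresh_token: refreshToken, expires_in: expiresIn } = tokenResponse.data.data;
    console.log('✅ 访问令牌获取成功');
    console.log(`   访问令牌: ${maskSecret(accessToken)}`);
    console.log(`   刷新令牌: ${maskSecret(refreshToken)}`);
    console.log(`   过期时间: ${expiresIn}秒`);

    // 7. Call userinfo with the access token
    console.log('\n7. 使用访问令牌获取用户信息...');
    const userInfoResponse = await axios.get(`${BASE_URL}/oauth/userinfo`, bearer(accessToken));
    if (!userInfoResponse.data.success) {
      return fail('❌ 用户信息获取失败:', userInfoResponse.data.message);
    }
    console.log('✅ 用户信息获取成功');
    console.log(`   用户名: ${userInfoResponse.data.data.username}`);
    console.log(`   邮箱: ${userInfoResponse.data.data.email}`);

    console.log('\n🎉 OAuth授权流程测试完成!');
    console.log('\n📋 测试总结:');
    console.log('✅ 用户注册和登录');
    console.log('✅ OAuth客户端创建');
    console.log('✅ 授权信息获取');
    console.log('✅ 用户同意授权');
    console.log('✅ 授权码交换访问令牌');
    console.log('✅ 使用访问令牌获取用户信息');
    console.log('\n🔗 前端测试链接:');
    // Fresh state for the manual browser test so the automated run's value is
    // not reused.
    console.log(frontendAuthorizeUrl(clientId, crypto.randomUUID()));
    return true;
  } catch (error) {
    // Network/HTTP errors: prefer the server's JSON body when one was returned.
    return fail('❌ 测试过程中发生错误:', error.response?.data ?? error.message);
  }
}

// Run the flow. Failures are handled inside and surface via process.exitCode,
// so the returned promise cannot reject and is intentionally not awaited.
testOAuthFlow();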