use strict;
use warnings;
use Test::More;
use JSON::WebToken;

subtest 'without claims and secret' => sub {
    eval { encode_jwt };
    like $@, qr/Usage: JSON::WebToken->encode/;
};

subtest 'without secret' => sub {
    eval { encode_jwt { foo => 'bar' } };
    like $@, qr/secret must be specified/;
};

subtest 'claims is not HASH' => sub {
    eval { encode_jwt [], 'secret' };
    like $@, qr/Usage: JSON::WebToken->encode/;
};

subtest 'not supported algorithm' => sub {
    eval {
        encode_jwt { foo => 'bar' }, 'secret', 'XXXX';
    };
    like $@, qr/`XXXX` is Not supported siging algorithm/;
};

subtest 'without jwt' => sub {
    eval { decode_jwt };
    like $@, qr/Usage: JSON::WebToken->decode/;
};

subtest 'too many segments' => sub {
    eval { decode_jwt 'x.y.z.foo.bar', 'secret' };
    like $@, qr/Not enough or too many segments/;
};

subtest 'not enough segments' => sub {
    eval { decode_jwt 'x', 'secret' };
    like $@, qr/Not enough or too many segments/;
};

subtest 'invalid segments' => sub {
    eval { decode_jwt 'x.y.z', 'secret' };
    like $@, qr/Invalid segment encoding/;
};

subtest 'invalid signature' => sub {
    my $jwt = encode_jwt { foo => 'bar' }, 'secret';
    eval { decode_jwt "$jwt-xxxx", 'foo' };
    like $@, qr/Invalid signature/;
};

subtest 'signature must be empty' => sub {
    my $jwt = encode_jwt { foo => 'bar' }, '', 'none';
    eval { decode_jwt "$jwt"."xxx", 'foo' };
    like $@, qr/Signature must be the empty string when alg is none/;
};

subtest 'is_verify true, but without secret' => sub {
    my $jwt = encode_jwt { foo => 'bar' }, 'secret';
    eval { decode_jwt $jwt };
    like $@, qr/secret must be specified/;
};

subtest 'is_verify false' => sub {
    my $jwt = encode_jwt { foo => 'bar' }, 'secret';
    my $got = decode_jwt "$jwt-xxxx", undef, 0;
    is_deeply $got, { foo => 'bar' };
};

done_testing;