#!/bin/bash
# Test harness for TWP WebView Softphone deployment
# Run after deploying PHP files and flushing rewrite rules

SERVER="https://phone.cloud-hosting.io"
PASS=0
FAIL=0

check() {
    local desc="$1"
    local result="$2"
    if [ "$result" = "0" ]; then
        echo "  PASS: $desc"
        PASS=$((PASS + 1))
    else
        echo "  FAIL: $desc"
        FAIL=$((FAIL + 1))
    fi
}

echo "=== TWP WebView Softphone - Deployment Test Harness ==="
echo ""

# 1. Test standalone phone page exists (should redirect to login for unauthenticated)
echo "[1] Standalone Phone Page (/twp-phone/)"
RESPONSE=$(curl -s -o /dev/null -w "%{http_code}:%{redirect_url}" -L --max-redirs 0 "$SERVER/twp-phone/" 2>/dev/null)
HTTP_CODE=$(echo "$RESPONSE" | cut -d: -f1)
REDIRECT=$(echo "$RESPONSE" | cut -d: -f2-)
# Should redirect (302) to wp-login.php for unauthenticated users
if [ "$HTTP_CODE" = "302" ] && echo "$REDIRECT" | grep -q "wp-login"; then
    check "Unauthenticated redirect to wp-login.php" 0
else
    check "Unauthenticated redirect to wp-login.php (got $HTTP_CODE, redirect: $REDIRECT)" 1
fi

# 2. Test that wp-login.php page loads
echo ""
echo "[2] WordPress Login Page"
LOGIN_RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" "$SERVER/wp-login.php" 2>/dev/null)
check "wp-login.php returns 200" "$([ "$LOGIN_RESPONSE" = "200" ] && echo 0 || echo 1)"

# 3. Test authenticated access (login and get cookies, then access /twp-phone/)
echo ""
echo "[3] Authenticated Access"
# Try to log in and get session cookies
COOKIE_JAR="/tmp/twp-test-cookies.txt"
rm -f "$COOKIE_JAR"

# Login - use the test credentials if available
LOGIN_RESULT=$(curl -s -o /dev/null -w "%{http_code}" \
    -c "$COOKIE_JAR" \
    -d "log=admin&pwd=admin&rememberme=forever&redirect_to=$SERVER/twp-phone/&wp-submit=Log+In" \
    "$SERVER/wp-login.php" 2>/dev/null)

if [ "$LOGIN_RESULT" = "302" ]; then
    # Follow redirect to /twp-phone/
    PAGE_RESULT=$(curl -s -b "$COOKIE_JAR" -w "%{http_code}" -o /tmp/twp-phone-page.html "$SERVER/twp-phone/" 2>/dev/null)
    check "Authenticated /twp-phone/ returns 200" "$([ "$PAGE_RESULT" = "200" ] && echo 0 || echo 1)"

    if [ "$PAGE_RESULT" = "200" ]; then
        # Check page content
        check "Page contains Twilio SDK" "$(grep -q 'twilio.min.js' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page contains dialpad" "$(grep -q 'dialpad' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page contains ajaxurl" "$(grep -q 'ajaxurl' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page contains TwpMobile bridge" "$(grep -q 'TwpMobile' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page contains twpNonce" "$(grep -q 'twpNonce' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page has mobile viewport" "$(grep -q 'viewport-fit=cover' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page has dark mode CSS" "$(grep -q 'prefers-color-scheme' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "No WP admin bar" "$(grep -q 'wp-admin-bar' /tmp/twp-phone-page.html && echo 1 || echo 0)"
        check "Page contains phone-number-input" "$(grep -q 'phone-number-input' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page contains caller-id-select" "$(grep -q 'caller-id-select' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page contains hold/transfer buttons" "$(grep -q 'hold-btn' /tmp/twp-phone-page.html && echo 0 || echo 1)"
        check "Page contains queue tab" "$(grep -q 'queue' /tmp/twp-phone-page.html && echo 0 || echo 1)"
    fi
else
    echo "  SKIP: Could not log in (HTTP $LOGIN_RESULT) - manual auth testing required"
fi

# 4. Test AJAX endpoint availability
echo ""
echo "[4] AJAX Endpoints"
if [ -f "$COOKIE_JAR" ] && [ "$LOGIN_RESULT" = "302" ]; then
    # Test that admin-ajax.php is accessible with cookies
    AJAX_RESULT=$(curl -s -b "$COOKIE_JAR" -o /dev/null -w "%{http_code}" \
        -d "action=twp_generate_capability_token&nonce=test" \
        "$SERVER/wp-admin/admin-ajax.php" 2>/dev/null)
    # Should return 200 (even if nonce fails, it means AJAX is working)
    check "admin-ajax.php accessible" "$([ "$AJAX_RESULT" = "200" ] || [ "$AJAX_RESULT" = "400" ] || [ "$AJAX_RESULT" = "403" ] && echo 0 || echo 1)"
fi

# 5. Test 7-day cookie expiration
echo ""
echo "[5] Session Cookie"
if [ -f "$COOKIE_JAR" ]; then
    # Check if cookies have extended expiry
    COOKIE_EXISTS=$(grep -c "wordpress_logged_in" "$COOKIE_JAR" 2>/dev/null)
    check "Login cookies set" "$([ "$COOKIE_EXISTS" -gt 0 ] && echo 0 || echo 1)"
fi

# Cleanup
rm -f "$COOKIE_JAR" /tmp/twp-phone-page.html

echo ""
echo "=== Results: $PASS passed, $FAIL failed ==="
echo ""

if [ "$FAIL" -gt 0 ]; then
    echo "Some tests failed. Review output above."
    exit 1
else
    echo "All tests passed!"
    exit 0
fi