import { mkdtempSync } from "node:fs";
import { tmpdir } from "node:os";
import { join } from "node:path";
import {
  writeFileSync,
  readFileSync,
  rmSync,
} from "node:fs";

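// Smoke test for the send-approval gate: a pending send may only be consumed
// once, with the matching content hash, after an operator has written the
// record's token into the approval marker file.

// Point state at a throwaway dir. XDG_STATE_HOME is set before the module is
// imported so the run never touches real approval state.
const dir = mkdtempSync(join(tmpdir(), "curo-smoke-"));
process.env.XDG_STATE_HOME = dir;

// The throwaway dir ends up holding approval tokens and the message text, so
// remove it when the process exits, including when a check below throws.
process.on("exit", () => rmSync(dir, { recursive: true, force: true }));

// NOTE(review): this absolute path is specific to one machine; the script only
// runs where the repository is checked out at exactly this location.
const { createPendingSend, consumeApproval, contentHash } = await import(
  "/home/claude/repos/exult-agent/tools/curogram-mcp/send-approval.ts"
);

const base = {
  conversationId: "aaaaaaaaaaaaaaaaaaaaaaaa",
  patientId: "bbbbbbbbbbbbbbbbbbbbbbbb",
  message: "Your appointment is confirmed for 3pm.",
  sendSecurely: false,
};

// 1. A new send starts out pending, and the value handed back to the caller
//    must not carry the approval token.
const pending = createPendingSend(base);
console.log("1 pending status:", pending.status, "id len", pending.id.length);
if (pending.status !== "pending_approval") throw new Error("expected pending");
if ((pending as any).token) throw new Error("token leaked to caller!");

// The hash recomputed from the same content must equal the one stored at creation.
const liveHash = contentHash(base);
if (liveHash !== pending.content_hash) throw new Error("hash mismatch");

// 2. Before approval marker -> must fail.
const before = consumeApproval(pending.id, liveHash);
console.log("2 before approval:", JSON.stringify(before));
if (before.ok) throw new Error("approved without marker!");

// 3. Operator reads token from the 0700 record, writes marker.
// NOTE(review): the 0700 mode is not verified anywhere in this script; confirm
// that the permission on the record location is covered by another test.
const recPath = join(dir, "curogram-mcp", "pending-sends", `${pending.id}.json`);
const rec = JSON.parse(readFileSync(recPath, "utf8"));
if (typeof rec.token !== "string" || rec.token.length === 0) {
  throw new Error("record has no token");
}
// Now that the real token is known, make sure it does not appear under any
// field of the caller-visible result, not just one literally named `token`.
if (JSON.stringify(pending).includes(rec.token)) throw new Error("token leaked to caller!");
const markerPath = join(dir, "curogram-mcp", "approved", pending.id);
writeFileSync(markerPath, rec.token);

// 4. Wrong content hash -> must fail, even though a valid marker is present.
const wrong = consumeApproval(pending.id, contentHash({ ...base, message: "different" }));
console.log("4 wrong content:", JSON.stringify(wrong));
if (wrong.ok) throw new Error("approved with wrong content!");

// 5. Correct -> succeeds. This also shows that the rejected attempt in step 4
//    did not use up the approval.
const good = consumeApproval(pending.id, liveHash);
console.log("5 correct approval:", JSON.stringify(good));
if (!good.ok) throw new Error("valid approval rejected: " + (good as any).reason);

// 6. Replay -> single-use, must fail.
const replay = consumeApproval(pending.id, liveHash);
console.log("6 replay:", JSON.stringify(replay));
if (replay.ok) throw new Error("replay succeeded — not single-use!");

// 7. Forged marker (attacker-written wrong token) -> fail.
const p2 = createPendingSend(base);
writeFileSync(join(dir, "curogram-mcp", "approved", p2.id), "deadbeef");
const forged = consumeApproval(p2.id, contentHash(base));
console.log("7 forged token:", JSON.stringify(forged));
if (forged.ok) throw new Error("forged token accepted!");

// 8. Token issued for a different request -> fail. "deadbeef" above probably
//    differs from a real token in length as well as value; this marker holds a
//    genuine token, so it checks that a token is bound to its own request.
const p3 = createPendingSend(base);
writeFileSync(join(dir, "curogram-mcp", "approved", p3.id), rec.token);
const crossed = consumeApproval(p3.id, contentHash(base));
console.log("8 token from another request:", JSON.stringify(crossed));
if (crossed.ok) throw new Error("token from another request accepted!");

console.log("ALL SMOKE CHECKS PASSED");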
