package saml

import (
	"crypto/x509"
	"encoding/pem"
	"errors"
	"io/ioutil"
	"testing"

	sdig "github.com/russellhaering/goxmldsig"
)

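// loadCert reads the PEM file at path ca and parses its first PEM block as an
// X.509 certificate.
//
// It returns an error if the file cannot be read, contains no PEM data, starts
// with a block whose type is not "CERTIFICATE", or if the block's DER bytes do
// not parse as a certificate. Only the first PEM block is examined; anything
// after it in the file is ignored.
func loadCert(ca string) (*x509.Certificate, error) {
	data, err := ioutil.ReadFile(ca)
	if err != nil {
		return nil, err
	}
	block, _ := pem.Decode(data)
	if block == nil {
		return nil, errors.New("ca file didn't contain any PEM data")
	}
	// Check the PEM label before parsing. The value returned here is used as a
	// trust anchor, so a file that starts with a key, a CSR or a mislabelled
	// block should be reported as the wrong kind of file instead of being
	// handed to the DER parser.
	if block.Type != "CERTIFICATE" {
		return nil, errors.New("ca file's first PEM block is not a CERTIFICATE")
	}
	return x509.ParseCertificate(block.Bytes)
}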

// TestVerify checks that verify returns no error for the recorded response in
// testdata/okta-resp.xml, using a validation context built from a certStore
// that holds the single certificate loaded from testdata/okta-ca.pem.
//
// NOTE(review): only the accepting path is asserted. This test does not show
// that verify rejects anything; a response with altered signed content, or one
// checked against a store that lacks the signing certificate, needs its own
// test that expects an error.
//
// NOTE(review): the validation context is created without a pinned clock. If
// the library compares certificate validity with the current time, this test
// will start failing once the fixture certificate expires — confirm.
func TestVerify(t *testing.T) {
	ca, err := loadCert("testdata/okta-ca.pem")
	if err != nil {
		t.Fatal(err)
	}

	// The store carries just the one fixture certificate.
	roots := certStore{[]*x509.Certificate{ca}}
	ctx := sdig.NewDefaultValidationContext(roots)

	resp, err := ioutil.ReadFile("testdata/okta-resp.xml")
	if err != nil {
		t.Fatal(err)
	}

	// The first return value is not inspected; only the error is checked.
	_, err = verify(ctx, resp)
	if err != nil {
		t.Fatal(err)
	}
}