"""Shared ghost test helper — a cookie-aware Ghost Admin API client.

Ghost's Admin API authenticates a human session via a cookie (`ghost-admin-api-session`) set by
`POST /ghost/api/admin/session/`, and enforces a CSRF check requiring the `Origin` header to match
the site's configured `url` on state-changing requests. The shared `runner/harness/http` helpers are
deliberately cookie-less (stateless status+json), so this helper builds a stdlib
`urllib` opener with an `HTTPCookieProcessor` so the session cookie persists across
setup → login → create → read within the test process.

Auth path (version-independent — no `/v3/`/`/v5/` in the URL; Ghost negotiates the API version, and
the recipe under test may be any 5.x/6.x):
  1. `POST /authentication/setup/` — creates the owner on a FRESH deploy (idempotent: a re-run finds
     "setup already completed" and we ignore it).
  2. `POST /session/` — establishes the admin session cookie (always done, so the client is
     authenticated whether or not THIS process ran setup).
  3. `POST /posts/?source=html` / `GET /posts/<id>/` — create + read back.

Admin credentials are class-B run-scoped (deterministic within a run; the whole app — DB + secrets —
is destroyed at teardown). Password is ≥10 chars per Ghost's setup requirement.
"""

from __future__ import annotations

import http.cookiejar
import json
import ssl
import urllib.error
import urllib.request

# Per-run *.ci.commoninternet.net domains use the operator wildcard cert via Traefik file provider;
# the real-cert check is done once in the generic install assertion, so content/API calls skip the
# chain check (same rationale as runner/harness/http._CTX).
_CTX = ssl.create_default_context()
_CTX.check_hostname = False
_CTX.verify_mode = ssl.CERT_NONE

ADMIN_NAME = "CCCI Admin"
ADMIN_EMAIL = "ccci-admin@ccci.example.com"
ADMIN_PW = "Ccci-Test-Pw-2026!"  # >=10 chars (Ghost setup requirement)
BLOG_TITLE = "CCCI Test Blog"


def _json(raw: bytes) -> object | None:
    try:
        return json.loads(raw)
    except (json.JSONDecodeError, ValueError):
        return None


class GhostAdmin:
    def __init__(self, domain: str):
        self.base = f"https://{domain}/ghost/api/admin"
        self.origin = f"https://{domain}"
        self._jar = http.cookiejar.CookieJar()
        self._opener = urllib.request.build_opener(
            urllib.request.HTTPCookieProcessor(self._jar),
            urllib.request.HTTPSHandler(context=_CTX),
        )

    def req(self, method: str, path: str, body: dict | None = None, timeout: int = 60):
        url = f"{self.base}{path}"
        data = json.dumps(body).encode() if body is not None else None
        req = urllib.request.Request(url, data=data, method=method)
        if data is not None:
            req.add_header("Content-Type", "application/json")
        # CSRF: Ghost requires Origin to match the configured site url on state-changing requests.
        req.add_header("Origin", self.origin)
        try:
            with self._opener.open(req, timeout=timeout) as resp:
                return resp.getcode(), _json(resp.read())
        except urllib.error.HTTPError as e:
            return e.code, _json(e.read())
        except Exception as e:  # noqa: BLE001 — transport-level: surface as status 0
            return 0, {"transport_error": str(e)}

    def ensure_authenticated(self) -> None:
        # Ensure the owner exists (fresh deploy → 201; already set up → 4xx, ignored).
        self.req(
            "POST",
            "/authentication/setup/",
            {
                "setup": [
                    {
                        "name": ADMIN_NAME,
                        "email": ADMIN_EMAIL,
                        "password": ADMIN_PW,
                        "blogTitle": BLOG_TITLE,
                    }
                ]
            },
        )
        # Always establish a fresh admin session (cookie persists in self._jar).
        status, body = self.req(
            "POST", "/session/", {"username": ADMIN_EMAIL, "password": ADMIN_PW}
        )
        assert status in (200, 201), (
            f"ghost admin session login failed: HTTP {status}, body={body!r}"
        )

    def create_post(self, title: str, html: str) -> dict:
        status, body = self.req(
            "POST",
            "/posts/?source=html",
            {"posts": [{"title": title, "html": html, "status": "published"}]},
        )
        assert status in (200, 201), f"create post failed: HTTP {status}, body={body!r}"
        posts = (body or {}).get("posts") or []
        assert posts and posts[0].get("id"), f"create post returned no id: {body!r}"
        return posts[0]

    def get_post(self, post_id: str) -> dict:
        status, body = self.req("GET", f"/posts/{post_id}/?formats=html")
        assert status == 200, f"read post failed: HTTP {status}, body={body!r}"
        posts = (body or {}).get("posts") or []
        assert posts, f"read post returned empty: {body!r}"
        return posts[0]