"""
Test script for XSS Detection API
Run this after starting the server to verify everything works
"""
import requests
import json

BASE_URL = "http://localhost:8080/api/v1"


def test_health():
    """Test health endpoint"""
    print("🔍 Testing health endpoint...")
    response = requests.get(f"{BASE_URL}/health")
    print(f"Status: {response.status_code}")
    print(f"Response: {json.dumps(response.json(), indent=2)}\n")


def test_php_vulnerable():
    """Test PHP vulnerable code"""
    print("🔍 Testing PHP vulnerable code...")
    payload = {
        "code": "<?php echo $_GET['input']; ?>",
        "language": "php",
        "file_path": "test.php"
    }
    response = requests.post(f"{BASE_URL}/scan", json=payload)
    print(f"Status: {response.status_code}")
    print(f"Response: {json.dumps(response.json(), indent=2)}\n")


def test_php_safe():
    """Test PHP safe code"""
    print("🔍 Testing PHP safe code...")
    payload = {
        "code": "<?php echo htmlspecialchars($_GET['input'], ENT_QUOTES, 'UTF-8'); ?>",
        "language": "php",
        "file_path": "safe.php"
    }
    response = requests.post(f"{BASE_URL}/scan", json=payload)
    print(f"Status: {response.status_code}")
    print(f"Response: {json.dumps(response.json(), indent=2)}\n")


def test_js_vulnerable():
    """Test JS vulnerable code"""
    print("🔍 Testing JS vulnerable code...")
    payload = {
        "code": "document.getElementById('output').innerHTML = userInput;",
        "language": "js",
        "file_path": "test.js"
    }
    response = requests.post(f"{BASE_URL}/scan", json=payload)
    print(f"Status: {response.status_code}")
    print(f"Response: {json.dumps(response.json(), indent=2)}\n")


def test_batch():
    """Test batch scanning"""
    print("🔍 Testing batch scan...")
    payload = {
        "files": [
            {
                "code": "<?php echo $_POST['name']; ?>",
                "language": "php"
            },
            {
                "code": "<?php echo htmlspecialchars($_POST['name']); ?>",
                "language": "php"
            }
        ]
    }
    response = requests.post(f"{BASE_URL}/scan/batch", json=payload)
    print(f"Status: {response.status_code}")
    print(f"Response: {json.dumps(response.json(), indent=2)}\n")


if __name__ == "__main__":
    print("🚀 Starting API tests...\n")
    
    try:
        test_health()
        test_php_vulnerable()
        test_php_safe()
        test_js_vulnerable()
        test_batch()
        
        print("✅ All tests completed!")
        
    except requests.exceptions.ConnectionError:
        print("❌ Error: Cannot connect to API server")
        print("Make sure the server is running: python -m api.main")
    except Exception as e:
        print(f"❌ Error: {e}")