package cluster

import (
	"context"
	"net/http"
	"time"

	"scm.bstein.dev/bstein/ananke/internal/config"
)

// TestHookChecklistAuthHTTPClient runs one orchestration or CLI step.
// Signature: (o *Orchestrator) TestHookChecklistAuthHTTPClient(ctx context.Context, timeout time.Duration, insecureSkipTLS bool) (*http.Client, error).
// Why: exposes checklist auth client/session bootstrap internals to top-level tests.
func (o *Orchestrator) TestHookChecklistAuthHTTPClient(ctx context.Context, timeout time.Duration, insecureSkipTLS bool) (*http.Client, error) {
	return o.checklistAuthHTTPClient(ctx, timeout, insecureSkipTLS)
}

// TestHookAuthenticateRobotChecklistSession runs one orchestration or CLI step.
// Signature: (o *Orchestrator) TestHookAuthenticateRobotChecklistSession(ctx context.Context, client *http.Client) error.
// Why: exposes robotuser auth session internals to top-level tests.
func (o *Orchestrator) TestHookAuthenticateRobotChecklistSession(ctx context.Context, client *http.Client) error {
	return o.authenticateRobotChecklistSession(ctx, client)
}

// TestHookKubernetesSecretValue runs one orchestration or CLI step.
// Signature: (o *Orchestrator) TestHookKubernetesSecretValue(ctx context.Context, namespace string, name string, key string) (string, error).
// Why: exposes Kubernetes secret decode internals to top-level tests.
func (o *Orchestrator) TestHookKubernetesSecretValue(ctx context.Context, namespace string, name string, key string) (string, error) {
	return o.kubernetesSecretValue(ctx, namespace, name, key)
}

// TestHookKeycloakAdminCredentials runs one orchestration or CLI step.
// Signature: (o *Orchestrator) TestHookKeycloakAdminCredentials(ctx context.Context, auth config.ServiceChecklistAuthSettings) (string, string, error).
// Why: exposes secret-backed credential resolution internals to top-level tests.
func (o *Orchestrator) TestHookKeycloakAdminCredentials(ctx context.Context, auth config.ServiceChecklistAuthSettings) (string, string, error) {
	return o.keycloakAdminCredentials(ctx, auth)
}

// TestHookKeycloakAdminToken runs one orchestration or CLI step.
// Signature: (o *Orchestrator) TestHookKeycloakAdminToken(ctx context.Context, client *http.Client, auth config.ServiceChecklistAuthSettings, adminUser string, adminPassword string) (string, error).
// Why: exposes Keycloak admin token acquisition internals to top-level tests.
func (o *Orchestrator) TestHookKeycloakAdminToken(ctx context.Context, client *http.Client, auth config.ServiceChecklistAuthSettings, adminUser string, adminPassword string) (string, error) {
	return o.keycloakAdminToken(ctx, client, auth, adminUser, adminPassword)
}

// TestHookKeycloakRobotUserID runs one orchestration or CLI step.
// Signature: (o *Orchestrator) TestHookKeycloakRobotUserID(ctx context.Context, client *http.Client, auth config.ServiceChecklistAuthSettings, adminToken string) (string, error).
// Why: exposes Keycloak robot-user lookup internals to top-level tests.
func (o *Orchestrator) TestHookKeycloakRobotUserID(ctx context.Context, client *http.Client, auth config.ServiceChecklistAuthSettings, adminToken string) (string, error) {
	return o.keycloakRobotUserID(ctx, client, auth, adminToken)
}

// TestHookKeycloakImpersonationRedirect runs one orchestration or CLI step.
// Signature: (o *Orchestrator) TestHookKeycloakImpersonationRedirect(ctx context.Context, client *http.Client, auth config.ServiceChecklistAuthSettings, adminToken string, robotUserID string) (string, error).
// Why: exposes Keycloak impersonation internals to top-level tests.
func (o *Orchestrator) TestHookKeycloakImpersonationRedirect(ctx context.Context, client *http.Client, auth config.ServiceChecklistAuthSettings, adminToken string, robotUserID string) (string, error) {
	return o.keycloakImpersonationRedirect(ctx, client, auth, adminToken, robotUserID)
}

// TestHookHTTPChecklistProbeWithLocation runs one orchestration or CLI step.
// Signature: (o *Orchestrator) TestHookHTTPChecklistProbeWithLocation(ctx context.Context, check config.ServiceChecklistCheck) (int, string, string, string, error).
// Why: exposes redirect-aware checklist probe internals to top-level tests.
func (o *Orchestrator) TestHookHTTPChecklistProbeWithLocation(ctx context.Context, check config.ServiceChecklistCheck) (int, string, string, string, error) {
	return o.httpChecklistProbeWithLocation(ctx, check)
}

// TestHookKeycloakBaseURL runs one orchestration or CLI step.
// Signature: TestHookKeycloakBaseURL(auth config.ServiceChecklistAuthSettings) string.
// Why: exposes base URL normalizer helper to top-level tests.
func TestHookKeycloakBaseURL(auth config.ServiceChecklistAuthSettings) string {
	return keycloakBaseURL(auth)
}

// TestHookCompactHTTPBody runs one orchestration or CLI step.
// Signature: TestHookCompactHTTPBody(raw []byte) string.
// Why: exposes compact HTTP body helper to top-level tests.
func TestHookCompactHTTPBody(raw []byte) string {
	return compactHTTPBody(raw)
}