//! WASM integration test for SessionManager using kvstore::WasmStore


use vault::{Vault, KeyType, KeyMetadata, SessionManager};
#[cfg(target_arch = "wasm32")]
use kvstore::WasmStore;
use wasm_bindgen_test::*;

wasm_bindgen_test_configure!(run_in_browser);

#[cfg(target_arch = "wasm32")]
#[wasm_bindgen_test(async)]
async fn wasm_session_manager_end_to_end() {
    let store = WasmStore::open("test").await.expect("open WasmStore");
    let mut vault = Vault::new(store);
    let keyspace = "personal";
    let password = b"testpass";

    // Create keyspace
    vault.create_keyspace(keyspace, password, None).await.expect("create_keyspace");
    // Add keypair
    let key_id = vault.add_keypair(keyspace, password, Some(KeyType::Secp256k1), Some(KeyMetadata { name: Some("main".to_string()), created_at: None, tags: None })).await.expect("add_keypair");

    // Create session manager
    let mut session = SessionManager::new(vault);
    session.unlock_keyspace(keyspace, password).await.expect("unlock_keyspace");
    session.select_keyspace(keyspace).expect("select_keyspace");
    session.select_keypair(&key_id).expect("select_keypair");

    // Sign and verify
    let msg = b"hello world";
    let sig = session.sign(msg).await.expect("sign");
    let _keypair = session.current_keypair().expect("current_keypair");
    let verified = session
        .get_vault()
        .verify(keyspace, password, &key_id, msg, &sig)
        .await
        .unwrap();
    assert!(verified, "signature should verify");

    // Logout wipes secrets
    session.logout();
    assert!(session.current_keyspace().is_none());
    assert!(session.sign(b"fail").await.is_err());
    // No public API for unlocked_keyspaces, but behavior is covered by above asserts
}