<?php
/**
 * Miravia API Endpoint Testing Script
 * Tests various endpoints to validate authentication and structure
 */

// Your credentials
$app_key = '511420';
$app_secret = 'hOzF4xsW6sBvPQPMSVTWyzYmyjg1gsiL';
$access_token = '50000601517cxQldir9UpDdjDy8Oz1b4db215xHIevjZizVkfWDowiJw3x3dnpEp';

class MiraviaAPITester 
{
    private $app_key;
    private $app_secret;
    private $access_token;
    
    public function __construct($app_key, $app_secret, $access_token) 
    {
        $this->app_key = $app_key;
        $this->app_secret = $app_secret;
        $this->access_token = $access_token;
    }
    
    /**
     * Generate HMAC-SHA256 signature for API request
     */
    private function generateSignature($api_name, $params) 
    {
        ksort($params);
        $stringToBeSigned = $api_name;
        foreach ($params as $k => $v) {
            if (is_array($v) || is_object($v)) {
                $v = json_encode($v);
            }
            $stringToBeSigned .= $k . $v;
        }
        return strtoupper(hash_hmac('sha256', $stringToBeSigned, $this->app_secret));
    }
    
    /**
     * Make API request using cURL
     */
    private function makeRequest($gateway_url, $api_method, $params = []) 
    {
        echo "\n" . str_repeat("=", 80) . "\n";
        echo "Testing: {$api_method}\n";
        echo "Gateway: {$gateway_url}\n";
        echo str_repeat("=", 80) . "\n";
        
        // System parameters
        $sysParams = [
            'app_key' => $this->app_key,
            'sign_method' => 'sha256',
            'timestamp' => time() * 1000,
            'partner_id' => 'iop-sdk-php-20220608',
            'method' => $api_method,
            'v' => '1.0',
            'format' => 'json',
            'access_token' => $this->access_token
        ];
        
        // Merge with API parameters
        $allParams = array_merge($params, $sysParams);
        
        // Generate signature
        $signature = $this->generateSignature($api_method, $allParams);
        $allParams['sign'] = $signature;
        
        echo "Request Parameters:\n";
        foreach ($allParams as $key => $value) {
            if ($key === 'access_token') {
                echo "  {$key}: " . substr($value, 0, 20) . "...\n";
            } elseif ($key === 'sign') {
                echo "  {$key}: {$value}\n";
            } else {
                echo "  {$key}: {$value}\n";
            }
        }
        
        // Make cURL request
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $gateway_url);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($allParams));
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
        curl_setopt($ch, CURLOPT_TIMEOUT, 30);
        curl_setopt($ch, CURLOPT_HTTPHEADER, [
            'Content-Type: application/x-www-form-urlencoded'
        ]);
        
        $start_time = microtime(true);
        $response = curl_exec($ch);
        $end_time = microtime(true);
        
        $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
        $error = curl_error($ch);
        curl_close($ch);
        
        $response_time = round(($end_time - $start_time) * 1000, 2);
        
        echo "\nResponse Details:\n";
        echo "  HTTP Code: {$http_code}\n";
        echo "  Response Time: {$response_time}ms\n";
        if ($error) {
            echo "  cURL Error: {$error}\n";
        }
        
        echo "\nResponse Body:\n";
        if ($response) {
            // Try to format JSON response
            $json = json_decode($response, true);
            if ($json) {
                echo json_encode($json, JSON_PRETTY_PRINT) . "\n";
            } else {
                // If not JSON, show raw response (truncated if too long)
                $display_response = strlen($response) > 1000 ? substr($response, 0, 1000) . "...[truncated]" : $response;
                echo $display_response . "\n";
            }
        } else {
            echo "No response body\n";
        }
        
        return [
            'http_code' => $http_code,
            'response' => $response,
            'error' => $error,
            'response_time' => $response_time
        ];
    }
    
    /**
     * Test different gateway URLs and endpoints
     */
    public function runTests() 
    {
        echo "MIRAVIA API ENDPOINT TESTING\n";
        echo "============================\n";
        echo "App Key: {$this->app_key}\n";
        echo "Access Token: " . substr($this->access_token, 0, 20) . "...\n";
        echo "Timestamp: " . date('Y-m-d H:i:s') . "\n\n";
        
        // Test different gateways and endpoints
        $test_cases = [
            // Miravia API gateway attempts
            [
                'gateway' => 'https://api.miravia.es/sync',
                'method' => 'lazada.product.get',
                'params' => ['limit' => 1]
            ],
            [
                'gateway' => 'https://api.miravia.es/sync',
                'method' => 'lazada.seller.get',
                'params' => []
            ],
            [
                'gateway' => 'https://api.miravia.es/sync',
                'method' => 'lazada.category.tree.get',
                'params' => ['language' => 'en']
            ],
            
            // AliExpress API for Miravia
            [
                'gateway' => 'https://api-sg.aliexpress.com/sync',
                'method' => 'aliexpress.seller.info.query',
                'params' => []
            ],
            [
                'gateway' => 'https://api-sg.aliexpress.com/sync',
                'method' => 'aliexpress.postproduct.redefining.getcategoryattributes',
                'params' => ['category_id' => '201336100']
            ],
            
            // European AliExpress gateway
            [
                'gateway' => 'https://api.aliexpress.com/sync',
                'method' => 'aliexpress.seller.info.query',
                'params' => []
            ],
            
            // Global gateway
            [
                'gateway' => 'https://eco.aliexpress.com/sync',
                'method' => 'aliexpress.seller.info.query',
                'params' => []
            ]
        ];
        
        $results = [];
        foreach ($test_cases as $index => $test) {
            $result = $this->makeRequest($test['gateway'], $test['method'], $test['params']);
            $results[] = [
                'test' => $test,
                'result' => $result
            ];
            
            // Brief pause between requests
            sleep(1);
        }
        
        // Summary
        echo "\n" . str_repeat("=", 80) . "\n";
        echo "TEST SUMMARY\n";
        echo str_repeat("=", 80) . "\n";
        
        foreach ($results as $index => $test_result) {
            $test = $test_result['test'];
            $result = $test_result['result'];
            
            $status = $result['http_code'] == 200 ? 'SUCCESS' : 'FAILED';
            $gateway_short = parse_url($test['gateway'], PHP_URL_HOST);
            
            echo sprintf("%-30s %-25s %-10s (%d)\n", 
                $test['method'], 
                $gateway_short, 
                $status,
                $result['http_code']
            );
        }
        
        echo "\nRecommendations:\n";
        echo "- Look for HTTP 200 responses with valid JSON\n";
        echo "- Check for specific error messages that indicate correct API but auth issues\n";
        echo "- 302 redirects might indicate wrong gateway URL\n";
        echo "- 405 Method Not Allowed indicates wrong HTTP method or endpoint structure\n";
        
        return $results;
    }
}

// Run the tests
$tester = new MiraviaAPITester($app_key, $app_secret, $access_token);
$results = $tester->runTests();