import { describe, it, expect } from "vitest";
import { checkUrlForPhishing } from "../src/lib/phishing-detector";

describe("checkUrlForPhishing", () => {
  it("should return isPhishing: false for a normal URL", () => {
    const result = checkUrlForPhishing("https://www.google.com");
    expect(result.isPhishing).toBe(false);
    expect(result.confidence).toBe(0);
    expect(result.reasons).toHaveLength(0);
  });

  it("should detect known phishing domains", () => {
    const result = checkUrlForPhishing("https://kordant-secure.com/login");
    expect(result.isPhishing).toBe(true);
    expect(result.reasons).toContain("Known phishing domain: kordant-secure.com");
  });

  it("should detect suspicious URL patterns", () => {
    const result = checkUrlForPhishing("https://login-secure.example.com");
    expect(result.isPhishing).toBe(true);
    expect(result.reasons.length).toBeGreaterThan(0);
  });

  it("should detect phishing with multiple signals for high confidence", () => {
    const result = checkUrlForPhishing(
      "https://kordant-verify.com/account-update/verify",
    );
    expect(result.isPhishing).toBe(true);
    expect(result.confidence).toBeGreaterThan(0.5);
    expect(result.reasons.length).toBeGreaterThanOrEqual(1);
  });

  it("should handle invalid URLs gracefully", () => {
    const result = checkUrlForPhishing("not-a-valid-url");
    expect(result.isPhishing).toBe(true);
    expect(result.reasons).toContain("Invalid URL format");
  });

  it("should detect phishing with subdomain of known domain", () => {
    const result = checkUrlForPhishing("https://login.kordant-secure.com");
    expect(result.isPhishing).toBe(true);
  });

  it("should not flag legitimate kordant.ai URLs", () => {
    const result = checkUrlForPhishing("https://api.kordant.ai/api/trpc");
    expect(result.isPhishing).toBe(false);
  });
});