#!/bin/bash

# Simple test script to verify Postman collection has API key authentication

echo "🔍 Verifying Postman Collection API Key Authentication..."
echo

# Check if collection file exists
if [ ! -f "manual_testing/postman/Mercury_UPI_PSP_Postman_Collection.json" ]; then
    echo "❌ Postman collection file not found!"
    exit 1
fi

# Count API key headers
api_key_count=$(grep -c '"X-API-Key"' manual_testing/postman/Mercury_UPI_PSP_Postman_Collection.json)
api_secret_count=$(grep -c '"X-API-Secret"' manual_testing/postman/Mercury_UPI_PSP_Postman_Collection.json)
bearer_count=$(grep -c '"Bearer {{partner_token}}"' manual_testing/postman/Mercury_UPI_PSP_Postman_Collection.json)

echo "📊 Authentication Headers Count:"
echo "   X-API-Key headers: $api_key_count"
echo "   X-API-Secret headers: $api_secret_count"
echo "   Old Bearer tokens: $bearer_count"
echo

# Check variables
if grep -q "partner_api_key" manual_testing/postman/Mercury_UPI_PSP_Postman_Collection.json; then
    echo "✅ partner_api_key variable found"
else
    echo "❌ partner_api_key variable missing"
fi

if grep -q "partner_api_secret" manual_testing/postman/Mercury_UPI_PSP_Postman_Collection.json; then
    echo "✅ partner_api_secret variable found"
else
    echo "❌ partner_api_secret variable missing"
fi

# Check base URL
if grep -q '"http://localhost:4000"' manual_testing/postman/Mercury_UPI_PSP_Postman_Collection.json; then
    echo "✅ Base URL updated to localhost:4000"
else
    echo "⚠️  Base URL might not be updated"
fi

echo
echo "🎯 Expected for Partner APIs:"
echo "   - Each Partner API should have both X-API-Key and X-API-Secret headers"
echo "   - No Bearer token headers should remain"
echo "   - NPCI APIs (upi/*) should have no authentication headers"
echo
echo "📝 Next Steps:"
echo "   1. Generate API keys: mix run priv/scripts/generate_api_keys.exs"
echo "   2. Update collection variables with your actual API keys"
echo "   3. Import this collection into Postman"
echo "   4. Test with 'List Merchants' endpoint"