// 1. Check with match OTP code using HOTP/TOTP, verify the results
// 2. Check with not matched code using HOTP/TOTP, verify the results
func TestVerifyHotpCode(t *testing.T) {
	var exp string
	userName := usersName[0]

	initAListOfUsers(t, usersName)

	secret, _ := json.Marshal(cr.Secret{Secret: secretCode})
	url := resourcePath + "/" + userName
	okURLJ := cr.URL{URL: fmt.Sprintf("%v/%v", servicePath, userName)}
	exeCommandCheckRes(t, cr.HTTPPutStr, url, http.StatusCreated, string(secret), okURLJ) // TODO fix it
	user, _ := otp.NewSimpleOtpUser([]byte(secretCode), false)

	for i := 0; i < 2; i++ {
		if i == 0 { // HOTP
			exp, _ = user.BaseHotp.AtCount(user.BaseHotp.Count)
			url = listener + servicePath + fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[verifyUserCodeCommand]), usersPath, userName, verifyHotpTypeParam)
		} else {
			exp, _ = user.BaseTotp.Now()
			url = listener + servicePath + fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[verifyUserCodeCommand]), usersPath, userName, verifyTotpTypeParam)
		}
		secret, _ = json.Marshal(cr.Secret{Secret: exp})
		exeCommandCheckRes(t, cr.HTTPPostStr, url, http.StatusOK, string(secret), cr.Match{Match: true, Message: cr.NoMessageStr})
		// The same code can't be used twice
		exeCommandCheckRes(t, cr.HTTPPostStr, url, http.StatusOK, string(secret), cr.Match{Match: false, Message: cr.NoMessageStr})
	}
}
func GenerateUserData(el *EntityManager, usersName []string, secret []byte, salt []byte) {
	el.AddUser(usersName[0])
	el.AddResource("r" + usersName[0])
	amData, _ := am.NewUserAm(am.SuperUserPermission, secret, salt, false)
	el.AddPropertyToEntity(usersName[0], defs.AmPropertyName, amData)
	otpData, _ := otp.NewSimpleOtpUser(secret, false)
	el.AddPropertyToEntity(usersName[0], defs.OtpPropertyName, otpData)
	pwdData, _ := password.NewUserPwd(secret, salt, false)
	el.AddPropertyToEntity(usersName[0], defs.PwdPropertyName, pwdData)
	ocraData, _ := ocra.NewOcraUser([]byte("ABCD1234"), "OCRA-1:HOTP-SHA512-8:C-QH08-T1M-S064-PSHA256")
	el.AddPropertyToEntity(usersName[0], defs.OcraPropertyName, ocraData)

	el.AddUser(usersName[1])
	el.AddPropertyToEntity(usersName[1], defs.OtpPropertyName, otpData)
}
func (u OtpRestful) restAddOtp(request *restful.Request, response *restful.Response) {
	var secret cr.Secret
	name := request.PathParameter(userIDParam)
	err := request.ReadEntity(&secret)
	if err != nil {
		u.setError(response, http.StatusBadRequest, err)
		return
	}
	data, err := otp.NewSimpleOtpUser([]byte(secret.Secret), checkSecretStrength)
	if err != nil {
		u.setError(response, http.StatusBadRequest, err)
		return
	}
	err = u.st.UsersList.AddPropertyToEntity(name, defs.OtpPropertyName, data)
	if err != nil {
		u.setError(response, http.StatusNotFound, err)
		return
	}
	response.WriteHeaderAndEntity(http.StatusCreated, u.getURLPath(request, name))
}
func Test_AddCheckRemoveOtpUserProperty(t *testing.T) {
	moduleData, _ := otp.NewSimpleOtpUser(secret, false)

	testAddCheckRemoveUserProperty(t, defs.OtpPropertyName, moduleData)
}