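//! Minimal single-threaded TLS server example built on rustls' `Acceptor` API
//! with a custom certificate resolver.
//!
//! Every accepted TCP connection is taken through the TLS handshake, sent one
//! fixed HTTP response, and closed with a `close_notify` alert.

mod certificate_resolver;

use std::net::{TcpListener, TcpStream};
use std::sync::Arc;
use std::time::Duration;
use std::{error::Error, io::Write};

use rustls::server::{Acceptor, ServerConfig};

use certificate_resolver::CertificateResolver;

/// Upper bound on how long a single blocking read or write on a client socket may take.
///
/// Connections are served one at a time, so without a bound a peer that
/// connects and then stays silent would stall every other client.
const CLIENT_IO_TIMEOUT: Duration = Duration::from_secs(10);

/// Binds `127.0.0.1:1337` and serves TLS clients sequentially.
///
/// # Errors
///
/// Returns an error only if the listening socket cannot be bound. Failures on
/// an individual connection are reported on stderr and the loop moves on to
/// the next client, so one malformed or aborted handshake cannot take the
/// whole server down.
fn main() -> Result<(), Box<dyn Error>> {
    env_logger::init();

    // NOTE(review): key material is embedded in the source (presumably the
    // Ed25519 private key seed; confirm against `CertificateResolver::new`).
    // Anyone who can read the repository or the compiled binary can recover
    // it. That is tolerable only for a throwaway demo key; a real key belongs
    // in a file with restricted permissions or in a secret store.
    let ed25519_key = [
        67, 172, 227, 162, 104, 7, 219, 85, 140, 212, 238, 223, 8, 206, 63, 0, 91, 20, 173, 188,
        82, 207, 110, 235, 3, 55, 237, 2, 25, 65, 40, 186,
    ];
    let cert_resolver = Arc::new(CertificateResolver::new(
        "./ed25519.crt".to_string(),
        ed25519_key,
    ));

    let config = Arc::new(
        ServerConfig::builder()
            .with_safe_defaults()
            .with_no_client_auth()
            .with_cert_resolver(cert_resolver),
    );

    let listener = TcpListener::bind("127.0.0.1:1337")?;

    for stream in listener.incoming() {
        let outcome = match stream {
            Ok(stream) => serve_client(stream, Arc::clone(&config)),
            Err(err) => Err(err.into()),
        };
        // A failure here concerns one peer only; log it and keep listening.
        if let Err(err) = outcome {
            eprintln!("connection failed: {err}");
        }
    }

    Ok(())
}

/// Performs the TLS handshake on `stream`, sends the fixed response, and closes the session.
///
/// # Errors
///
/// Returns an error if the socket timeouts cannot be set, if the peer closes
/// the connection or sends invalid data before a complete ClientHello has been
/// read, if the handshake fails, or if the response cannot be written.
fn serve_client(mut stream: TcpStream, config: Arc<ServerConfig>) -> Result<(), Box<dyn Error>> {
    stream.set_read_timeout(Some(CLIENT_IO_TIMEOUT))?;
    stream.set_write_timeout(Some(CLIENT_IO_TIMEOUT))?;

    let mut acceptor = Acceptor::default();

    // Read TLS packets until we've consumed a full client hello and are ready to accept a
    // connection.
    let accepted = loop {
        // A zero-length read means the peer closed the socket. Without this
        // check the loop would spin forever, because `accept()` keeps
        // returning `None` when no further bytes can arrive.
        if acceptor.read_tls(&mut stream)? == 0 {
            return Err("peer closed the connection before sending a complete ClientHello".into());
        }
        if let Some(accepted) = acceptor.accept()? {
            break accepted;
        }
    };

    let mut conn = accepted.into_connection(config)?;

    // Drive the handshake to completion; do not send application data on a
    // session that failed to establish.
    conn.complete_io(&mut stream)?;

    // To inspect the request instead of ignoring it (needs `std::io::Read` in scope):
    // let mut buf: Vec<u8> = Vec::new();
    // conn.reader().read_to_end(&mut buf).unwrap();
    // println!("{:?}", buf);

    let mut writer = conn.writer();
    writer.write_all(b"HTTP/1.1 200 OK\r\nContent-Length: 11\r\n\r\nIt works!!!")?;
    writer.flush()?;

    conn.write_tls(&mut stream)?;

    // Teardown is best-effort: the response has already been handed to the
    // socket and the peer may hang up at any point from here on.
    let _ = conn.complete_io(&mut stream);
    conn.send_close_notify();
    let _ = conn.complete_io(&mut stream);

    Ok(())
}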