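// Command client is a mutual-TLS (mTLS) HTTP client: it presents a client
// certificate to the server and verifies the server against a private CA pool.
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"io"
	"log"
	"net/http"
	"os"
	"time"

	"mtls/pkg/castore"
)

// certPool holds the CA certificates used to verify the server certificate.
// It is populated in run from castore.NewCAstore.
var certPool *x509.CertPool

const (
	// CLIENT_CRT_FILE is the PEM certificate the client presents to the server.
	CLIENT_CRT_FILE = "pki/client.crt"
	// CLIENT_KEY_FILE is the PEM private key matching CLIENT_CRT_FILE.
	CLIENT_KEY_FILE = "pki/client.key"
	// SERVER_ADDRESS is the URL requested over mTLS.
	SERVER_ADDRESS = "https://localhost:8080/hello"
)

// requestTimeout bounds the whole request (dial, TLS handshake, headers and
// body) so an unresponsive server cannot hang the client indefinitely.
const requestTimeout = 10 * time.Second

// main configures logging and exits non-zero if the request fails.
func main() {
	log.Default().SetFlags(log.Lshortfile)
	if err := run(); err != nil {
		log.Fatal(err)
	}
}

// run performs one GET against SERVER_ADDRESS over mTLS, logs the CommonName of
// each certificate the server presented, and copies the response body to
// stdout. It returns an error instead of exiting so the deferred Body.Close
// runs on every path (log.Fatal would skip it).
func run() error {
	certPool = castore.NewCAstore()
	// A nil RootCAs makes crypto/tls fall back to the host's system root set,
	// which would silently widen trust beyond the private CA. Fail closed.
	if certPool == nil {
		return errors.New("castore returned a nil pool; refusing to fall back to system roots")
	}

	clientKeyPair, err := tls.LoadX509KeyPair(CLIENT_CRT_FILE, CLIENT_KEY_FILE)
	if err != nil {
		return fmt.Errorf("loading client key pair: %w", err)
	}

	client := &http.Client{
		Timeout: requestTimeout,
		Transport: &http.Transport{
			TLSClientConfig: &tls.Config{
				RootCAs:      certPool,
				Certificates: []tls.Certificate{clientKeyPair},
				// Pin the protocol floor explicitly rather than relying on
				// the toolchain default.
				MinVersion: tls.VersionTLS12,
			},
		},
	}

	resp, err := client.Get(SERVER_ADDRESS)
	if err != nil {
		return fmt.Errorf("requesting %s: %w", SERVER_ADDRESS, err)
	}
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		log.Printf("Unexpected response status: %s", resp.Status)
	}

	// resp.TLS is nil for a non-TLS response; guard so that pointing
	// SERVER_ADDRESS at a plain http URL does not panic here.
	if resp.TLS != nil {
		// CommonName is logged for information only; hostname verification
		// in crypto/x509 is done against the certificate's SANs.
		for _, cert := range resp.TLS.PeerCertificates {
			log.Printf("Peer certificate CommonName: %s", cert.Subject.CommonName)
		}
	}

	if _, err := io.Copy(os.Stdout, resp.Body); err != nil {
		return fmt.Errorf("reading response body: %w", err)
	}
	return nil
}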