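#ifndef BOOST_BEAST_EXAMPLE_COMMON_SERVER_CERTIFICATE_HPP
#define BOOST_BEAST_EXAMPLE_COMMON_SERVER_CERTIFICATE_HPP

// Standard-library and Boost headers for the names used in this file.
#include <boost/algorithm/string.hpp> //split trim
#include <boost/asio/buffer.hpp>
#include <boost/asio/ssl/context.hpp>
#include <boost/filesystem.hpp>

#include <cstddef>
#include <fstream>
#include <iostream>
#include <iterator>
#include <sstream>
#include <string>

// https://github.com/compuphase/minIni
#include "./minIni/minIni.h"

// The ini file is resolved against the working directory the process was
// started in, so that directory decides which certificate directory is used.
// Start the server from a directory that only trusted users can write to.
// NOTE(review): these variables and readFile() are non-inline definitions in
// a header, so the header can only be included from one translation unit.
boost::filesystem::path full_path(boost::filesystem::current_path());
std::string current_path(full_path.c_str());
std::string door_server_ini=current_path+"/assets/door_server.ini";

#define sizearray(a) (sizeof(a) / sizeof((a)[0]))

/**
 * Read a whole file into a string.
 *
 * @param file_name Path of the file to read.
 * @return The file contents, or an empty string when the file cannot be
 *         opened or read. Failures are reported on std::cerr; nothing is
 *         thrown, so callers must treat an empty result as an error.
 */
std::string readFile(const std::string& file_name)
{
    std::ifstream file_stream{file_name};
    if (file_stream.fail()) {
        std::cerr << "ERROR: cannot open file: " << file_name << std::endl;
        return std::string{};
    }

    std::ostringstream str_stream{};
    // Extraction form (NOT str_stream << file_stream.rdbuf()) so that a
    // failure is recorded on file_stream, which is the stream checked below.
    file_stream >> str_stream.rdbuf();
    if (file_stream.fail() && !file_stream.eof()) {
        std::cerr << "ERROR: cannot read file: " << file_name << std::endl;
    }
    return str_stream.str();
}

/**
 * Load the server certificate chain, CA file, private key and DH parameters
 * into the ssl context and configure the context for use with a server.
 *
 * The directory holding the PEM files is taken from the `certs_path` key of
 * the `[door_server]` section of door_server.ini. The `domain` key must also
 * be present, although its value is not used to build any path here.
 * Expected files in that directory: fullchain.pem, ca.pem, key.pem, dh.pem.
 *
 * If either ini key is missing the function prints an error and returns
 * without installing a certificate; the caller gets no other signal, and TLS
 * handshakes on such a context cannot succeed. Missing or malformed PEM files
 * are reported by the boost::asio calls, which throw on failure.
 *
 * @param ctx The ssl context to configure.
 */
inline void load_server_certificate(boost::asio::ssl::context& ctx)
{
    // Reads one key of the [door_server] section, trimmed; "dummy" means the
    // key is absent.
    const auto read_setting = [](const char* key) -> std::string {
        char raw[100];
        const int copied = ini_gets("door_server", key, "dummy", raw,
                                    sizearray(raw), door_server_ini.c_str());
        // A value that fills the buffer was probably cut short, which would
        // silently point the server at a different directory.
        if (copied >= static_cast<int>(sizearray(raw)) - 1) {
            std::cerr << "WARNING: ini value for '" << key
                      << "' may be truncated to " << (sizearray(raw) - 1)
                      << " characters" << std::endl;
        }
        std::string value(raw);
        boost::algorithm::trim(value);
        return value;
    };

    std::string certs_path = read_setting("certs_path");
    if (certs_path == "dummy") {
        std::cout << "ERROR!!!!! \nini certs_path is dummy: " << std::endl;
        return;
    }

    const std::string domain = read_setting("domain");
    if (domain == "dummy") {
        std::cout << "ERROR!!!!! ini domain is dummy: " << std::endl;
        return;
    }

    certs_path = certs_path + "/";
    std::cout << "certs path: " << certs_path << std::endl;

    std::string const cert_filename = certs_path + "fullchain.pem";
    std::string const ca_filename = certs_path + "ca.pem";
    std::string const key_filename = certs_path + "key.pem";

    ctx.use_certificate_file(cert_filename, boost::asio::ssl::context_base::file_format::pem);

    // This only installs trust anchors. No verify mode is set in this
    // function, so client certificates are not requested unless the caller
    // configures peer verification itself.
    ctx.load_verify_file(ca_filename);

    std::string const dh = readFile(certs_path + "dh.pem");

    // NOTE(review): the key passphrase is a fixed string compiled into the
    // binary, so it adds no protection for an encrypted key.pem. Prefer an
    // unencrypted key file readable only by the service account, or supply
    // the passphrase from outside the source tree.
    ctx.set_password_callback(
        [](std::size_t, boost::asio::ssl::context_base::password_purpose)
        {
            return "test";
        });

    // SSLv3 (RFC 7568) and TLS 1.0/1.1 (RFC 8996) are deprecated; refuse them
    // regardless of the method the context was constructed with.
    ctx.set_options(
        boost::asio::ssl::context::default_workarounds |
        boost::asio::ssl::context::no_sslv2 |
        boost::asio::ssl::context::no_sslv3 |
        boost::asio::ssl::context::no_tlsv1 |
        boost::asio::ssl::context::no_tlsv1_1 |
        boost::asio::ssl::context::single_dh_use);

    std::ifstream key_stream{ key_filename };
    if (!key_stream) {
        // Say which file is missing; the empty key is then rejected by
        // use_rsa_private_key below.
        std::cerr << "ERROR: cannot open private key file: " << key_filename << std::endl;
    }
    std::string key{ (std::istreambuf_iterator<char>(key_stream)), (std::istreambuf_iterator<char>()) };

    // use_rsa_private_key accepts RSA keys only; key.pem must hold an RSA key.
    ctx.use_rsa_private_key(boost::asio::buffer(key.data(), key.size()), boost::asio::ssl::context::file_format::pem);

    ctx.use_tmp_dh(boost::asio::buffer(dh.data(), dh.size()));
}

#endif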