use crate::tcp_relay_server::server_config::ServerConfig;
use crate::test::pki::Pki;
use crate::test::{get_port_number, PortsAllocation};

fn port(index: u16) -> u16 {
    get_port_number(PortsAllocation::TestsWithoutPortOpened, index)
}

#[tokio::test]
async fn with_tls_server() {
    let _ = env_logger::builder().is_test(true).try_init();

    let pki = Pki::load();

    crate::tcp_relay_server::run_app(ServerConfig {
        tokens: vec![],
        tokens_file: None,
        ports: vec![port(1)],
        upstream_server: "127.0.0.1".to_string(),
        listen_address: format!("127.0.0.1:{}", port(0)),
        increment_ports: 1,
        tls_cert: Some(pki.root_ca_crl.file_path()),
        tls_key: Some(pki.localhost_key.file_path()),
        tls_client_auth_root_cert: None,
        tls_revocation_list: None,
    })
    .await
    .unwrap_err();
}

#[tokio::test]
async fn without_tls_server() {
    let _ = env_logger::builder().is_test(true).try_init();

    crate::tcp_relay_server::run_app(ServerConfig {
        tokens: vec![],
        tokens_file: None,
        ports: vec![port(1)],
        upstream_server: "127.0.0.1".to_string(),
        listen_address: format!("127.0.0.1:{}", port(0)),
        increment_ports: 1,
        tls_cert: None,
        tls_key: None,
        tls_client_auth_root_cert: None,
        tls_revocation_list: None,
    })
    .await
    .unwrap_err();
}

#[tokio::test]
async fn tls_auth_without_tls_config() {
    let _ = env_logger::builder().is_test(true).try_init();

    let pki = Pki::load();

    crate::tcp_relay_server::run_app(ServerConfig {
        tokens: vec![],
        tokens_file: None,
        ports: vec![port(1)],
        upstream_server: "127.0.0.1".to_string(),
        listen_address: format!("127.0.0.1:{}", port(0)),
        increment_ports: 1,
        tls_cert: None,
        tls_key: None,
        tls_client_auth_root_cert: Some(pki.root_ca_crt.file_path()),
        tls_revocation_list: None,
    })
    .await
    .unwrap_err();
}