package httpsUtil

import (
	"bytes"
	"crypto/tls"
	"crypto/x509"
	"encoding/json"
	"io"
	"net/http"
	"time"
)

func PostJson(url string, reqData map[string]any) (int, []byte, error) {
	jsonData, err := json.Marshal(reqData)
	if err != nil {
		return -1, nil, err
	}

	// 创建请求
	req, err := http.NewRequest("POST", url, bytes.NewBuffer(jsonData))
	if err != nil {
		return -1, nil, err
	}
	req.Header.Set("Content-Type", "application/json;charset=utf-8")
	req.Header.Set("User-Agent", "Go-HTTPS-Client/1.0")
	// 创建自定义验证函数
	customVerify := func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
		cert, _ := x509.ParseCertificate(rawCerts[0])

		// 检查 IP 是否匹配（跳过 SAN 检查）
		ip := "9.80.35.166"
		for _, addr := range cert.IPAddresses {
			if addr.String() == ip {
				return nil // IP 匹配
			}
		}

		return x509.CertificateInvalidError{
			Cert:   cert,
			Reason: x509.NameMismatch,
		}
	}
	// 配置 TLS
	conf := &tls.Config{
		ServerName:            "9.80.35.166",
		InsecureSkipVerify:    true,         // 跳过默认验证
		VerifyPeerCertificate: customVerify, // 使用自定义验证
	}
	// 创建客户端
	client := &http.Client{
		Timeout: 10 * time.Second,
		Transport: &http.Transport{
			TLSClientConfig: conf,
		},
	}

	// 发送请求
	resp, err := client.Do(req)
	if err != nil {
		return -1, nil, err
	}
	defer resp.Body.Close()
	// 读取响应
	body, err := io.ReadAll(resp.Body)
	if err != nil {
		return -1, nil, err
	}
	// fmt.Printf("状态码: %d\n", resp.StatusCode)
	// fmt.Printf("响应体: %s\n", body)

	return resp.StatusCode, body, nil
}