package leap.oauth2.server.endpoint;

import java.util.stream.Stream;
import leap.core.annotation.ConfigProperty;
import leap.core.annotation.Configurable;
import leap.core.annotation.Inject;
import leap.core.security.token.jwt.JwtSigner;
import leap.core.validation.annotations.NotNull;
import leap.oauth2.server.endpoint.jwks.JwkToken;
import leap.oauth2.server.endpoint.jwks.JwkWriter;
import leap.web.App;
import leap.web.Endpoint;
import leap.web.Handler;
import leap.web.Request;
import leap.web.Response;
import leap.web.route.Routes;

@Configurable(prefix = "oauth2.as.jwks")
/* loaded from: input_file:leap/oauth2/server/endpoint/JwkEndpoint.class */
public class JwkEndpoint extends AbstractAuthzEndpoint implements Endpoint, Handler {

    @ConfigProperty(key = {"jwkPath"}, defaultValue = "/oauth2/token_key")
    private String[] jwkPath;

    @Inject
    private JwtSigner signer;

    @NotNull
    @Inject(name = "oauth2PublicKey")
    private JwkToken oauth2PublicKey;

    public void startEndpoint(App app, Routes routes) throws Throwable {
        if (this.config.isEnabled()) {
            Stream.of((Object[]) this.jwkPath).distinct().forEach(str -> {
                this.sc.ignore(str);
                routes.create().handle(str, this).disableCsrf().enableCors().apply();
            });
        }
    }

    public void handle(Request request, Response response) throws Throwable {
        JwkWriter.create(request).write(this.oauth2PublicKey);
    }
}
