package oauth2

import (
	"crypto/x509"
	"net/http"

	"edge-infra.dev/pkg/edge/iam/config"

	"github.com/gin-gonic/gin"
	"gopkg.in/square/go-jose.v2"
)

func (oauth2 *OAuth2) jwks(ctx *gin.Context) {
	// just one key for now until we start supporting rotating them
	jwks := &jose.JSONWebKeySet{
		Keys: []jose.JSONWebKey{
			{
				Algorithm:                   "RS256",
				Key:                         config.PrivateKey().Public(),
				Use:                         "sig",
				KeyID:                       config.PrivateKeyID(),
				Certificates:                []*x509.Certificate{},
				CertificateThumbprintSHA1:   []uint8{},
				CertificateThumbprintSHA256: []uint8{},
			},
		},
	}
	ctx.JSON(http.StatusOK, jwks)
}