package org.apereo.cas.oidc.web.controllers.jwks;

import io.swagger.v3.oas.annotations.Operation;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.oidc.jwks.rotation.OidcJsonWebKeystoreRotationService;
import org.apereo.cas.web.BaseCasActuatorEndpoint;
import org.jose4j.jwk.JsonWebKey;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.boot.actuate.endpoint.web.annotation.RestControllerEndpoint;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;

@RestControllerEndpoint(id = "oidcJwks", enableByDefault = false)
/* loaded from: input_file:WEB-INF/lib/cas-server-support-oidc-core-api-6.6.15.jar:org/apereo/cas/oidc/web/controllers/jwks/OidcJwksRotationEndpoint.class */
public class OidcJwksRotationEndpoint extends BaseCasActuatorEndpoint {
    private final ObjectProvider<OidcJsonWebKeystoreRotationService> rotationService;

    public OidcJwksRotationEndpoint(CasConfigurationProperties casConfigurationProperties, ObjectProvider<OidcJsonWebKeystoreRotationService> objectProvider) {
        super(casConfigurationProperties);
        this.rotationService = objectProvider;
    }

    @GetMapping(path = {"/rotate"}, produces = {"application/json"})
    @Operation(summary = "Rotate keys in the keystore forcefully")
    public ResponseEntity<String> handleRotation() throws Exception {
        return new ResponseEntity<>(this.rotationService.getObject().rotate().toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY), HttpStatus.OK);
    }

    @GetMapping(path = {"/revoke"}, produces = {"application/json"})
    @Operation(summary = "Revoke keys in the keystore forcefully")
    public ResponseEntity<String> handleRevocation() throws Exception {
        return new ResponseEntity<>(this.rotationService.getObject().revoke().toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY), HttpStatus.OK);
    }
}
