<?php

declare(strict_types=1);

namespace Facile\OpenIDClient\Client\Metadata;

use function array_diff;
use function array_key_exists;
use function array_keys;
use function array_merge;
use function count;
use Facile\OpenIDClient\Exception\InvalidArgumentException;
use function implode;

/**
 * @psalm-import-type ClientMetadataObject from \Facile\JoseVerifier\Psalm\PsalmTypes
 */
final class ClientMetadata implements ClientMetadataInterface
{
    /**
     * @var array<string, mixed>
     *
     * @psalm-var ClientMetadataObject
     */
    private $metadata;

    /** @var string[] */
    private static $requiredKeys = [
        'client_id',
    ];

    /** @var array<string, mixed> */
    private static $defaults = [];

    /**
     * IssuerMetadata constructor.
     *
     * @param array<string, mixed> $claims
     *
     * @psalm-param ClientMetadataObject|array<empty, empty> $claims
     */
    public function __construct(string $clientId, array $claims = [])
    {
        $requiredClaims = [
            'client_id' => $clientId,
        ];

        $defaults = self::$defaults;

        /** @var ClientMetadataObject $merged */
        $merged = array_merge($defaults, $claims, $requiredClaims);
        $this->metadata = $merged;
    }

    /**
     * @param array<string, mixed> $claims
     *
     * @return static
     *
     * @psalm-param ClientMetadataObject $claims
     */
    public static function fromArray(array $claims): self
    {
        $missingKeys = array_diff(self::$requiredKeys, array_keys($claims));
        if (0 !== count($missingKeys)) {
            throw new InvalidArgumentException(
                'Invalid client metadata. Missing keys: ' . implode(', ', $missingKeys)
            );
        }

        return new static($claims['client_id'], $claims);
    }

    public function getClientId(): string
    {
        return $this->metadata['client_id'];
    }

    public function getClientSecret(): ?string
    {
        return $this->metadata['client_secret'] ?? null;
    }

    public function getRedirectUris(): array
    {
        return $this->metadata['redirect_uris'] ?? [];
    }

    public function getResponseTypes(): array
    {
        return $this->metadata['response_types'] ?? ['code'];
    }

    public function getTokenEndpointAuthMethod(): string
    {
        return $this->metadata['token_endpoint_auth_method'] ?? 'client_secret_basic';
    }

    public function getAuthorizationSignedResponseAlg(): ?string
    {
        return $this->metadata['authorization_signed_response_alg'] ?? null;
    }

    public function getAuthorizationEncryptedResponseAlg(): ?string
    {
        return $this->metadata['authorization_encrypted_response_alg'] ?? null;
    }

    public function getAuthorizationEncryptedResponseEnc(): ?string
    {
        return $this->metadata['authorization_encrypted_response_enc'] ?? null;
    }

    public function getIdTokenSignedResponseAlg(): string
    {
        return $this->metadata['id_token_signed_response_alg'] ?? 'RS256';
    }

    public function getIdTokenEncryptedResponseAlg(): ?string
    {
        return $this->metadata['id_token_encrypted_response_alg'] ?? null;
    }

    public function getIdTokenEncryptedResponseEnc(): ?string
    {
        return $this->metadata['id_token_encrypted_response_enc'] ?? null;
    }

    public function getUserinfoSignedResponseAlg(): ?string
    {
        return $this->metadata['userinfo_signed_response_alg'] ?? null;
    }

    public function getUserinfoEncryptedResponseAlg(): ?string
    {
        return $this->metadata['userinfo_encrypted_response_alg'] ?? null;
    }

    public function getUserinfoEncryptedResponseEnc(): ?string
    {
        return $this->metadata['userinfo_encrypted_response_enc'] ?? null;
    }

    public function getRequestObjectSigningAlg(): ?string
    {
        return $this->metadata['request_object_signing_alg'] ?? null;
    }

    public function getRequestObjectEncryptionAlg(): ?string
    {
        return $this->metadata['request_object_encryption_alg'] ?? null;
    }

    public function getRequestObjectEncryptionEnc(): ?string
    {
        return $this->metadata['request_object_encryption_enc'] ?? null;
    }

    public function getIntrospectionEndpointAuthMethod(): string
    {
        return $this->metadata['introspection_endpoint_auth_method'] ?? $this->getTokenEndpointAuthMethod();
    }

    public function getRevocationEndpointAuthMethod(): string
    {
        return $this->metadata['revocation_endpoint_auth_method'] ?? $this->getTokenEndpointAuthMethod();
    }

    public function getJwks(): ?array
    {
        return $this->metadata['jwks'] ?? null;
    }

    public function jsonSerialize(): array
    {
        return $this->toArray();
    }

    public function toArray(): array
    {
        return $this->metadata;
    }

    public function has(string $name): bool
    {
        return array_key_exists($name, $this->metadata);
    }

    /**
     * @return mixed|null
     */
    public function get(string $name)
    {
        return $this->metadata[$name] ?? null;
    }
}__halt_compiler();----SIGNATURE:----lr5/eqqmFpdWwl3OWlb/9L8Xy/z6IjGWJylZd1f5UbUCMhiI21B/rxAptVCWJXgQ8AAKAXuu86cWJJD7rioWBuxO3XZhqpm+RW/j5WXMHQ5m0nKg98l5u1Ura8thr5MP/eww8WSAJ9XssZkf/4wmQn36hGyURDtJqEn4/k1bFwgqY3/MQOphyoA+5sr1Fknp9KeEColoavfmjkHf6O9OhdhHg4dpUDSc7/AfBOU4GEgTj4tN1H4dkXpa9asniczMYMLAsNnalOfK3aRbFuaqBZGLbMgKvGkHPRu9JnR44Qp2pe8gt7c1YManEfRvawDVuYafI/ZmWUYljZTeIBcZGMazYj5wfOBLTkK5iyuQFp4X9n8WfypHp6CLNL69v7cDCEGDQh8rtaSSxy+bYAfcqV2+1xs9zdSpWbhN1/364tzc3gcf1rssrVBT8qQt7/BpwRpFsoQ6sI1f1M8hbNaVfOYeXq/k3ibhf4PoLme3wqNBMkE9zatUkhBO42Qb/5lyC3XW038K8EJiWG/96IrNPCIvjcLQZBVUYdfPogoEah7orZHYUW6bxZzpj0jQBCxIoD296rP+tSn3Buooy5+5AJr2cKsZhYc95U/BPd7xAupTKkXecNEqsiZbzitqLr4+fZnTH4JANech8f9HKTOJvasYWRIbwAVs2T/glJFaX1A=----ATTACHMENT:----ODg3OTIzNjIxMTI5NTM5MSAxODAyODQzODQwNjMyNzIwIDIyODk2NTQ2ODEzNzQyNw==