defmodule SsoBsnWeb.Openid.UserinfoController do
  @behaviour Boruta.Openid.UserinfoApplication

  use SsoBsnWeb, :controller

  alias Boruta.Openid.UserinfoResponse

  def openid_module, do: Application.get_env(:sso_bsn, :openid_module, Boruta.Openid)

  def userinfo(conn, _params) do
    openid_module().userinfo(conn, __MODULE__)
  end

  @impl Boruta.Openid.UserinfoApplication
  def userinfo_fetched(conn, userinfo_response) do
    conn
    |> put_resp_header("content-type", UserinfoResponse.content_type(userinfo_response))
    |> json(UserinfoResponse.payload(userinfo_response))
  end

  @impl Boruta.Openid.UserinfoApplication
  def unauthorized(conn, error) do
    conn
    |> put_resp_header(
      "www-authenticate",
      "error=\"#{error.error}\", error_description=\"#{error.error_description}\""
    )
    |> send_resp(:unauthorized, "")
  end
end