<?php
// /kngil/auth/oidc-login.php
require_once dirname(__DIR__) . '/bbs/env.php';
kngil_start_session();
require_once dirname(__DIR__) . '/vendor/autoload.php';
$config = require_once dirname(__DIR__) . '/bbs/oidc_config.php';

use Jumbojett\OpenIDConnectClient;

$requiredKeys = ['issuer', 'client_id', 'client_secret', 'redirect_url'];
$missingKeys = [];
foreach ($requiredKeys as $key) {
    if (empty($config[$key])) {
        $missingKeys[] = $key;
    }
}

if (!empty($missingKeys)) {
    http_response_code(500);
    header('Content-Type: text/plain; charset=utf-8');
    echo 'OIDC 설정 누락: ' . implode(', ', $missingKeys);
    exit;
}

$oidc = new OpenIDConnectClient(
    $config['issuer'],
    $config['client_id'],
    $config['client_secret']
);

$oidc->setRedirectURL($config['redirect_url']);
$oidc->addScope($config['scopes']);

// 필요한 경우 PKCE 활성화
// $oidc->setCodeChallengeMethod('S256');

try {
    $oidc->authenticate();
} catch (Throwable $e) {
    error_log($e->getMessage());
    http_response_code(500);
    header('Content-Type: text/plain; charset=utf-8');
    echo 'OIDC 인증 중 오류가 발생했습니다.';
    exit;
}