<?php
/* Copyright (C) 2017      Open-DSI             <support@open-dsi.fr>
 * Copyright (C) 2024		MDW						<mdeweerd@users.noreply.github.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

/**
 *	\file       htdocs/admin/openid_connect.php
 * 	\ingroup	openid_connect
 *	\brief      Functions for the module openid_connect
 */

/**
 * return the current state
 *
 * @return  string				String containing the state
 */
function openid_connect_get_state()
{
	return hash('sha256', session_id());
}


/**
 * return the redirect url
 *
 * @return  string				Redirect url
 */
function openid_connect_get_redirect_url()
{
	return DOL_MAIN_URL_ROOT . '/core/modules/openid_connect/callback.php';
}


/**
 * Return authentication url
 *
 * @return  string				Authentication url
 */
function openid_connect_get_url()
{
	// Note: For the scope, we msut use rawurlencode instead of urlencode.
	$url = getDolGlobalString('MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL').'?client_id='.urlencode(getDolGlobalString('MAIN_AUTHENTICATION_OIDC_CLIENT_ID')).'&redirect_uri='.urlencode(openid_connect_get_redirect_url()).'&scope='.rawurlencode(getDolGlobalString('MAIN_AUTHENTICATION_OIDC_SCOPES')).'&response_type=code&state='.urlencode(openid_connect_get_state());

	return $url;
}