"""Discovery document for the authorization server (OAuth 2.0 metadata, RFC 8414)."""
import json
import logging

from fastapi import APIRouter, Depends, Response

from gondulf.config import Config
from gondulf.dependencies import get_config

logger = logging.getLogger("gondulf.metadata")

router = APIRouter()


@router.get("/.well-known/oauth-authorization-server")
async def get_metadata(config: Config = Depends(get_config)) -> Response:
    """
    Serve the RFC 8414 authorization server metadata document.

    Every URL in the document is derived from ``config.BASE_URL``. The route
    declares no dependency other than the configuration lookup, so it answers
    unauthenticated requests, and the response is marked cacheable.

    Args:
        config: Application configuration; only ``BASE_URL`` is read here.

    Returns:
        Response: Pretty-printed JSON metadata with a Cache-Control header.
    """
    logger.debug("Metadata endpoint requested")

    # BASE_URL is used verbatim as the issuer and as the endpoint prefix.
    # Per RFC 8414, clients compare "issuer" with the identifier they used
    # for discovery, so it has to match the externally visible origin exactly.
    # Presumably Config strips any trailing slash (otherwise the endpoints
    # become ".../​/authorize"-style paths) -- TODO confirm in gondulf.config.
    issuer = config.BASE_URL
    authorization_endpoint = f"{config.BASE_URL}/authorize"
    token_endpoint = f"{config.BASE_URL}/token"

    document = {
        "issuer": issuer,
        "authorization_endpoint": authorization_endpoint,
        "token_endpoint": token_endpoint,
        # NOTE(review): "id" looks like the legacy IndieAuth authentication-only
        # response type -- confirm the authorize handler still accepts it.
        "response_types_supported": ["code", "id"],
        "grant_types_supported": ["authorization_code"],
        # S256 is the only PKCE method advertised, and "none" tells clients
        # they are not authenticated at the token endpoint. Whether PKCE is
        # actually enforced is decided in the /authorize and /token handlers,
        # which are not visible from this module.
        "code_challenge_methods_supported": ["S256"],
        "token_endpoint_auth_methods_supported": ["none"],
        # NOTE(review): auth methods are advertised for a revocation endpoint,
        # but the document carries no "revocation_endpoint" key -- confirm
        # whether that omission is intended.
        "revocation_endpoint_auth_methods_supported": ["none"],
        "scopes_supported": []
    }

    logger.debug(f"Returning metadata for issuer: {config.BASE_URL}")

    # "public, max-age=86400" lets any cache, shared ones included, keep the
    # document for 24 hours, so a changed BASE_URL or endpoint only reaches
    # clients once their cached copy has expired.
    cache_headers = {
        "Cache-Control": "public, max-age=86400"
    }
    payload = json.dumps(document, indent=2)

    return Response(
        content=payload,
        media_type="application/json",
        headers=cache_headers
    )