<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * Admin settings and defaults
 *
 * @package auth_jwt
 * @copyright  2017 Stephen Bourget, 2024 Kumi Systems e.U.
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

defined('MOODLE_INTERNAL') || die;

if ($ADMIN->fulltree) {
        $yesno = array(get_string('no'), get_string('yes'));
        $fields = get_auth_plugin('jwt')->get_allowed_mapping_fields();

        $settings->add(new admin_setting_configselect(
                'auth_jwt/mappingfield',
                new lang_string('mappingfield', 'auth_jwt'),
                new lang_string('mappingfield_desc', 'auth_jwt'),
                0,
                $fields
        ));

        $settings->add(new admin_setting_configtext(
                'auth_jwt/keylifetime',
                get_string('keylifetime', 'auth_jwt'),
                get_string('keylifetime_desc', 'auth_jwt', 'auth'),
                '60',
                PARAM_INT
        ));

        $settings->add(new admin_setting_configselect(
                'auth_jwt/iprestriction',
                new lang_string('iprestriction', 'auth_jwt'),
                new lang_string('iprestriction_desc', 'auth_jwt'),
                0,
                $yesno
        ));

        $settings->add(new admin_setting_configtext(
                'auth_jwt/ipwhitelist',
                get_string('ipwhitelist', 'auth_jwt'),
                get_string('ipwhitelist_desc', 'auth_jwt', 'auth'),
                '',
                PARAM_TEXT
        ));

        $settings->add(new admin_setting_configtext(
                'auth_jwt/redirecturl',
                get_string('redirecturl', 'auth_jwt'),
                get_string('redirecturl_desc', 'auth_jwt', 'auth'),
                '',
                PARAM_URL
        ));

        $settings->add(new admin_setting_configtext(
                'auth_jwt/ssourl',
                get_string('ssourl', 'auth_jwt'),
                get_string('ssourl_desc', 'auth_jwt', 'auth'),
                '',
                PARAM_URL
        ));

        $settings->add(new admin_setting_configselect(
                'auth_jwt/createuser',
                new lang_string('createuser', 'auth_jwt'),
                new lang_string('createuser_desc', 'auth_jwt'),
                0,
                $yesno
        ));

        $settings->add(new admin_setting_configselect(
                'auth_jwt/updateuser',
                new lang_string('updateuser', 'auth_jwt'),
                new lang_string('updateuser_desc', 'auth_jwt'),
                0,
                $yesno
        ));

        $settings->add(new admin_setting_configtext(
                'auth_jwt/jwtsecret',
                get_string('jwtsecret', 'auth_jwt'),
                get_string('jwtsecret_desc', 'auth_jwt', 'auth'),
                '',
                PARAM_TEXT
        ));

        // Display locking / mapping of profile fields.
        $authplugin = get_auth_plugin('jwt');
        display_auth_lock_options(
                $settings,
                $authplugin->authtype,
                $authplugin->userfields,
                get_string('auth_fieldlocks_help', 'auth'),
                false,
                false
        );
}