Metadata PEM support

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java

@@ -42,11 +42,12 @@ import org.maxkey.authz.oauth2.provider.approval.UserApprovalHandler;
 import org.maxkey.authz.oauth2.provider.code.AuthorizationCodeServices;
 import org.maxkey.authz.oauth2.provider.implicit.ImplicitTokenRequest;
 import org.maxkey.authz.oauth2.provider.request.DefaultOAuth2RequestValidator;
+import org.maxkey.constants.ContentType;
 import org.maxkey.crypto.jose.keystore.JWKSetKeyStore;
 import org.maxkey.util.HttpEncoder;
 import org.maxkey.entity.apps.Apps;
 import org.maxkey.entity.apps.oauth2.provider.ClientDetails;
-import org.maxkey.pretty.PrettyFactory;
+import org.maxkey.web.HttpRequestAdapter;
 import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
@@ -291,27 +292,39 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 	}
 	
 	@Operation(summary = "OAuth JWk 元数据接口", description = "参数mxk_metadata_APPID",method="GET")
-	@RequestMapping(value = "/metadata/oauth/v20/{appid}.json",produces = "application/json", method={RequestMethod.POST, RequestMethod.GET})
+	@RequestMapping(
+			value = "/metadata/oauth/v20/" + WebConstants.MXK_METADATA_PREFIX + "{appid}.{mediaType}",
+			method={RequestMethod.POST, RequestMethod.GET})
 	@ResponseBody
 	public String  metadata(HttpServletRequest request,
-			HttpServletResponse response, @PathVariable("appid") String appId) {
-		appId = appId.substring(WebConstants.MXK_METADATA_PREFIX.length(), appId.length());
+			HttpServletResponse response, 
+			@PathVariable("appid") String appId,
+			@PathVariable("mediaType") String mediaType) {
 		ClientDetails  clientDetails = getClientDetailsService().loadClientByClientId(appId,true);
-		String jwkSetString = "";
-		if(!clientDetails.getSignature().equalsIgnoreCase("none")) {
-			jwkSetString = clientDetails.getSignatureKey();
-		}
-		if(!clientDetails.getAlgorithm().equalsIgnoreCase("none")) {
-			if(!StringUtils.hasText(jwkSetString)) {
-				jwkSetString = clientDetails.getAlgorithmKey();
-			}else {
-				jwkSetString = jwkSetString + "," +clientDetails.getAlgorithmKey();
+		if(clientDetails != null) {
+			String jwkSetString = "";
+			if(!clientDetails.getSignature().equalsIgnoreCase("none")) {
+				jwkSetString = clientDetails.getSignatureKey();
 			}
+			if(!clientDetails.getAlgorithm().equalsIgnoreCase("none")) {
+				if(!StringUtils.hasText(jwkSetString)) {
+					jwkSetString = clientDetails.getAlgorithmKey();
+				}else {
+					jwkSetString = jwkSetString + "," +clientDetails.getAlgorithmKey();
+				}
+			}
+			JWKSetKeyStore jwkSetKeyStore = new JWKSetKeyStore("{\"keys\": [" + jwkSetString + "]}");
+			
+			if(StringUtils.hasText(mediaType) 
+					&& mediaType.equalsIgnoreCase(HttpRequestAdapter.MediaType.XML)) {
+				response.setContentType(ContentType.APPLICATION_XML_UTF8);
+			}else {
+				response.setContentType(ContentType.APPLICATION_JSON_UTF8);
+			}
+			return jwkSetKeyStore.toString(mediaType);
 		}
-		JWKSetKeyStore jwkSetKeyStore = new JWKSetKeyStore("{\"keys\": [" + jwkSetString + "]}");
 		
-		return PrettyFactory.getJsonPretty().format(
-				jwkSetKeyStore.getJwkSet().toPublicJWKSet().toString());
+		return appId + " not exist.";
 	}
 
 	// We need explicit approval from the user.