<?php

return [
    /*
    |--------------------------------------------------------------------------
    | service_name
    |--------------------------------------------------------------------------
    |
    | The parameter must match the parameter from the registry service
    | auth:
    |   token:
    |     service:
    |
    */
    'service_name' => env('REGISTRY_SERVICE_NAME'),

    /*
     |--------------------------------------------------------------------------
     | service_http
     |--------------------------------------------------------------------------
     |
     | Register of real addresses
     |
     */
    'service_http' => env('REGISTRY_SERVICE_HTTP'),

    /*
    |--------------------------------------------------------------------------
    | private_key_name
    |--------------------------------------------------------------------------
    |
    | Executing commands:
    | openssl req -nodes -newkey rsa:4096 -keyout registry-auth1.key -out registry-auth1.csr -subj "/CN=token_issuer"
    | openssl x509 -in registry-auth1.csr -out registry-auth1.crt -req -signkey registry-auth1.key -days 3650
    |
    | The file name corresponds to the name registry-auth1.key.
    |
    */
    'private_key_name' => env('REGISTRY_PRIVATE_KEY_NAME'),

    /*
    |--------------------------------------------------------------------------
    | issuer
    |--------------------------------------------------------------------------
    |
    | The parameter must match the parameter from the registry service
    | auth:
    |   token:
    |     issuer:
    |
    | Executing commands:
    | openssl req -nodes -newkey rsa:4096 -keyout registry-auth1.key -out registry-auth1.csr -subj "/CN=token_issuer"
    | openssl x509 -in registry-auth1.csr -out registry-auth1.crt -req -signkey registry-auth1.key -days 3650
    |
    | auth:
    |   token:
    |     issuer: token_issuer
    |
    | Where it is better to name token_issuer in your own way.
    |
    */
    'issuer' => env('REGISTRY_ISSUER'),

    /*
    |--------------------------------------------------------------------------
    | algorithm
    |--------------------------------------------------------------------------
    |
    | Supported algorithms are 'ES384','ES256', 'ES256K', 'HS256', 'HS384',
    | 'HS512', 'RS256', 'RS384', and 'RS512'. Testing only RS256.
    |
    | openssl req -nodes -newkey rsa:4096 -keyout registry-auth1.key -out registry-auth1.csr -subj "/CN=token_issuer"
    | openssl x509 -in registry-auth1.csr -out registry-auth1.crt -req -signkey registry-auth1.key -days 3650
    |
    | If you created a key using this command, then the algorithm will be RS256.
    |
    */
    'algorithm' => env('REGISTRY_ALGORITHM', 'RS256'),

    /*
    |--------------------------------------------------------------------------
    | expires_in_seconds
    |--------------------------------------------------------------------------
    |
    | For how many seconds to issue an authorization token.
    |
    */
    'expires_in_seconds' => (int) env('REGISTRY_EXPIRES_IN_SECONDS', 600),

    /*
    |--------------------------------------------------------------------------
    | token_for_notifications
    |--------------------------------------------------------------------------
    |
    | The parameter must match the parameter from the registry service
    | notifications:
    |   endpoints:
    |     headers:
    |        Authorization: [REGISTRY_TOKEN_FOR_NOTIFICATIONS]
    |
    */
    'token_for_notifications' => env('REGISTRY_TOKEN_FOR_NOTIFICATIONS'),
];