internal static CredentialConfiguration FromJsonStructure()

in wwauth/Google.Solutions.WWAuth/Data/CredentialConfiguration.cs [161:230]


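        /// <summary>
        /// Validates a <see cref="CredentialConfigurationInfo"/> and converts it
        /// into a <see cref="CredentialConfiguration"/>.
        /// </summary>
        /// <param name="info">
        /// The JSON structure to convert. A null value is reported as an
        /// unsupported configuration type.
        /// </param>
        /// <returns>
        /// A configuration holding the identity pool parsed from the audience,
        /// the parsed executable command line and, when present in
        /// <paramref name="info"/>, the timeout and service account email.
        /// </returns>
        /// <exception cref="UnknownCredentialConfigurationException">
        /// The type is not <c>CredentialConfigurationInfo.ExternalAccount</c>.
        /// </exception>
        /// <exception cref="InvalidCredentialConfigurationException">
        /// The credential source command or the audience is missing, the audience
        /// matches neither pool format, or a workforce pool audience comes
        /// without a user project number.
        /// </exception>
        /// <exception cref="ArgumentException">
        /// The service account impersonation URL does not have the expected form.
        /// </exception>
        internal static CredentialConfiguration FromJsonStructure(CredentialConfigurationInfo info)
        {
            if (info?.Type != CredentialConfigurationInfo.ExternalAccount)
            {
                throw new UnknownCredentialConfigurationException(
                    "Unsupported configuration type: " + info?.Type);
            }

            if (info.CredentialSource?.Executable?.Command == null)
            {
                throw new InvalidCredentialConfigurationException(
                    "Missing credential source or command");
            }

            //
            // The audience decides which kind of identity pool is being
            // configured: workload pools are tried first, then workforce pools.
            //
            IdentityPoolConfiguration poolConfig;
            if (string.IsNullOrEmpty(info.Audience))
            {
                throw new InvalidCredentialConfigurationException("Audience missing");
            }
            else if (WorkloadIdentityPoolConfiguration.TryParse(
                info.Audience,
                out var workloadPoolConfig))
            {
                poolConfig = workloadPoolConfig;
            }
            else if (WorkforceIdentityPoolConfiguration.TryParse(
                info.Audience,
                out var workforcePoolConfig))
            {
                // Workforce pools additionally require a non-zero user project number.
                if (info.WorkforcePoolUserProject == null || info.WorkforcePoolUserProject == 0)
                {
                    throw new InvalidCredentialConfigurationException(
                    "Missing user project number for workforce identity.");
                }

                workforcePoolConfig.UserProjectNumber = info.WorkforcePoolUserProject;
                poolConfig = workforcePoolConfig;
            }
            else
            {
                throw new InvalidCredentialConfigurationException(
                    "Malformed audience: " + info.Audience);
            }

            //
            // NOTE(review): the command string comes straight from the
            // configuration file. Whether Parse() restricts it to known options
            // is not visible here -- confirm before treating configuration
            // files from untrusted locations as safe to load.
            //
            var configuration = new CredentialConfiguration(
                poolConfig,
                UnattendedCommandLineOptions.Parse(info.CredentialSource.Executable.Command));

            if (info.CredentialSource.Executable.TimeoutMillis != null)
            {
                configuration.Timeout = TimeSpan.FromMilliseconds(
                    info.CredentialSource.Executable.TimeoutMillis.Value);
            }

            if (!string.IsNullOrEmpty(info.ServiceAccountImpersonationUrl))
            {
                //
                // Validate the URL strictly before extracting the service
                // account from it:
                //  - dots in the host name are escaped so that they only match
                //    a literal '.', not any character,
                //  - the captured segment must be non-empty and must not
                //    contain '/', '?', '#' or whitespace, so the value cannot
                //    carry extra path, query or fragment parts,
                //  - \z anchors at the very end of the input, whereas '$'
                //    would also accept a trailing newline.
                //
                var serviceAccountImpersonationUrlMatch = Regex.Match(
                    info.ServiceAccountImpersonationUrl,
                    @"^https://iamcredentials\.googleapis\.com/v1/projects/-/serviceAccounts/([^/?#\s]+):generateAccessToken\z");
                if (!serviceAccountImpersonationUrlMatch.Success)
                {
                    // NOTE(review): the other validation failures in this method
                    // throw InvalidCredentialConfigurationException; the type is
                    // left as ArgumentException because callers may catch it.
                    throw new ArgumentException("Malformed service account impersonation URL: " +
                        info.ServiceAccountImpersonationUrl);
                }

                configuration.ServiceAccountEmail = serviceAccountImpersonationUrlMatch.Groups[1].Value;
            }

            return configuration;
        }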