internal static OpenApiSecurityScheme ToOAuth2SecurityScheme()

in src/Microsoft.OpenApi.CSharpAnnotations.DocumentGeneration/Extensions/XElementExtensions.cs [207:305]

• 84 lines of code
• 16 McCabe index (conditional complexity)

        internal static OpenApiSecurityScheme ToOAuth2SecurityScheme(this XElement xElement, out IList<string> scopes)
        {
            var flowElements = xElement.Elements().Where(p => p.Name == KnownXmlStrings.Flow);
            var description = xElement.Elements()
                .FirstOrDefault(p => p.Name == KnownXmlStrings.Description)?
                .Value.Trim().RemoveBlankLines(); ;
            scopes = new List<string>();

            var securityScheme = new OpenApiSecurityScheme
            {
                Flows = new OpenApiOAuthFlows(),
                Description = description,
                Type = SecuritySchemeType.OAuth2
            };

            if (!flowElements.Any())
            {
                throw new InvalidSecurityTagException(
                    string.Format(SpecificationGenerationMessages.UndocumentedFlow, SecuritySchemeType.OAuth2));
            }

            foreach (var flowElement in flowElements)
            {
                var flowType = flowElement.Attribute(KnownXmlStrings.Type)?.Value;

                if (string.IsNullOrWhiteSpace(flowType))
                {
                    throw new InvalidSecurityTagException(string.Format(
                        SpecificationGenerationMessages.UndocumentedType,
                        KnownXmlStrings.Flow));
                }

                IList<string> oAuthScopes;

                switch (flowType)
                {
                    case KnownXmlStrings.ImplicitFlow:

                        securityScheme.Flows.Implicit =
                            flowElement.ToOAuthFlow(flowType, out oAuthScopes);
                        foreach (var oAuthScope in oAuthScopes)
                        {
                            if (!scopes.Contains(oAuthScope))
                            {
                                scopes.Add(oAuthScope);
                            }
                        }
                        break;

                    case KnownXmlStrings.Password:

                        securityScheme.Flows.Password =
                            flowElement.ToOAuthFlow(flowType, out oAuthScopes);
                        foreach (var oAuthScope in oAuthScopes)
                        {
                            if (!scopes.Contains(oAuthScope))
                            {
                                scopes.Add(oAuthScope);
                            }
                        }
                        break;

                    case KnownXmlStrings.ClientCredentials:

                        securityScheme.Flows.ClientCredentials =
                            flowElement.ToOAuthFlow(flowType, out oAuthScopes);
                        foreach (var oAuthScope in oAuthScopes)
                        {
                            if (!scopes.Contains(oAuthScope))
                            {
                                scopes.Add(oAuthScope);
                            }
                        }
                        break;

                    case KnownXmlStrings.AuthorizationCode:
                        securityScheme.Flows.AuthorizationCode =
                            flowElement.ToOAuthFlow(flowType, out oAuthScopes);
                        foreach (var oAuthScope in oAuthScopes)
                        {
                            if (!scopes.Contains(oAuthScope))
                            {
                                scopes.Add(oAuthScope);
                            }
                        }

                        break;

                    default:
                        throw new InvalidSecurityTagException(string.Format(
                            SpecificationGenerationMessages.NotSupportedTypeAttributeValue,
                            flowType,
                            KnownXmlStrings.Flow,
                            string.Join(", ", KnownXmlStrings.AllowedFlowTypeValues)));
                }
            }

            return securityScheme;
        }