From ee0ddcce634b9fa176eccff632c945818153efad Mon Sep 17 00:00:00 2001
From: Dilip Krishnan <dilipkrish_subscriptions@yahoo.com>
Date: Mon, 15 Jun 2020 08:53:36 -0500
Subject: [PATCH] Added support for the new security schemes in OAS

(2022)
---
 .../builders/HttpAuthenticationBuilder.java   | 52 ++++++++++++
 .../builders/OAuth2SchemeBuilder.java         | 85 +++++++++++++++++++
 .../builders/OAuth2SchemeValidator.java       | 63 ++++++++++++++
 .../builders/OpenIdConnectSchemeBuilder.java  | 46 ++++++++++
 .../service/HttpAuthenticationScheme.java     | 35 ++++++++
 .../documentation/service/OAuth2Scheme.java   | 61 +++++++++++++
 .../service/OpenIdConnectScheme.java          | 21 +++++
 7 files changed, 363 insertions(+)
 create mode 100644 springfox-core/src/main/java/springfox/documentation/builders/HttpAuthenticationBuilder.java
 create mode 100644 springfox-core/src/main/java/springfox/documentation/builders/OAuth2SchemeBuilder.java
 create mode 100644 springfox-core/src/main/java/springfox/documentation/builders/OAuth2SchemeValidator.java
 create mode 100644 springfox-core/src/main/java/springfox/documentation/builders/OpenIdConnectSchemeBuilder.java
 create mode 100644 springfox-core/src/main/java/springfox/documentation/service/HttpAuthenticationScheme.java
 create mode 100644 springfox-core/src/main/java/springfox/documentation/service/OAuth2Scheme.java
 create mode 100644 springfox-core/src/main/java/springfox/documentation/service/OpenIdConnectScheme.java

diff --git a/springfox-core/src/main/java/springfox/documentation/builders/HttpAuthenticationBuilder.java b/springfox-core/src/main/java/springfox/documentation/builders/HttpAuthenticationBuilder.java
new file mode 100644
index 00000000000..1e4722c0fff
--- /dev/null
+++ b/springfox-core/src/main/java/springfox/documentation/builders/HttpAuthenticationBuilder.java
@@ -0,0 +1,52 @@
+package springfox.documentation.builders;
+
+import springfox.documentation.service.HttpAuthenticationScheme;
+import springfox.documentation.service.VendorExtension;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import static springfox.documentation.builders.BuilderDefaults.*;
+
+public class HttpAuthenticationBuilder {
+  private String name;
+  private String description;
+  private String scheme;
+  private String bearerFormat;
+  private final List<VendorExtension> extensions = new ArrayList<>();
+
+  public HttpAuthenticationBuilder name(String name) {
+    this.name = name;
+    return this;
+  }
+
+  public HttpAuthenticationBuilder scheme(String scheme) {
+    this.scheme = scheme;
+    return this;
+  }
+
+  public HttpAuthenticationBuilder bearerFormat(String bearerFormat) {
+    this.bearerFormat = bearerFormat;
+    return this;
+  }
+
+  public HttpAuthenticationBuilder description(String description) {
+    this.description = description;
+    return this;
+  }
+
+  public HttpAuthenticationBuilder extensions(List<VendorExtension> extensions) {
+    this.extensions.addAll(nullToEmptyList(extensions));
+    return this;
+  }
+
+  public HttpAuthenticationScheme build() {
+    return new HttpAuthenticationScheme(
+        name,
+        description,
+        "http",
+        scheme,
+        bearerFormat,
+        extensions);
+  }
+}
\ No newline at end of file
diff --git a/springfox-core/src/main/java/springfox/documentation/builders/OAuth2SchemeBuilder.java b/springfox-core/src/main/java/springfox/documentation/builders/OAuth2SchemeBuilder.java
new file mode 100644
index 00000000000..70263c92c04
--- /dev/null
+++ b/springfox-core/src/main/java/springfox/documentation/builders/OAuth2SchemeBuilder.java
@@ -0,0 +1,85 @@
+package springfox.documentation.builders;
+
+import springfox.documentation.service.AuthorizationScope;
+import springfox.documentation.service.OAuth2Scheme;
+import springfox.documentation.service.VendorExtension;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import static springfox.documentation.builders.BuilderDefaults.*;
+import static springfox.documentation.builders.NoopValidator.*;
+
+@SuppressWarnings("VisibilityModifier")
+public class OAuth2SchemeBuilder {
+  //accessible Validator
+  String name;
+  String flowType;
+  String description;
+  String authorizationUrl;
+  String tokenUrl;
+  String refreshUrl;
+  final List<AuthorizationScope> scopes = new ArrayList<>();
+  private final List<VendorExtension> extensions = new ArrayList<>();
+  private Validator<OAuth2SchemeBuilder> validator = new OAuth2SchemeValidator<>();
+
+  public OAuth2SchemeBuilder(String flowType) {
+    this.flowType = flowType;
+  }
+
+  public OAuth2SchemeBuilder name(String name) {
+    this.name = name;
+    return this;
+  }
+
+  public OAuth2SchemeBuilder description(String description) {
+    this.description = description;
+    return this;
+  }
+
+  public OAuth2SchemeBuilder authorizationUrl(String authorizationUrl) {
+    this.authorizationUrl = authorizationUrl;
+    return this;
+  }
+
+  public OAuth2SchemeBuilder tokenUrl(String tokenUrl) {
+    this.tokenUrl = tokenUrl;
+    return this;
+  }
+
+  public OAuth2SchemeBuilder refreshUrl(String refreshUrl) {
+    this.refreshUrl = refreshUrl;
+    return this;
+  }
+
+  public OAuth2SchemeBuilder scopes(List<AuthorizationScope> scopes) {
+    this.scopes.addAll(nullToEmptyList(scopes));
+    return this;
+  }
+
+  public OAuth2SchemeBuilder extensions(List<VendorExtension> extensions) {
+    this.extensions.addAll(nullToEmptyList(extensions));
+    return this;
+  }
+
+  public OAuth2SchemeBuilder validator(Validator<OAuth2SchemeBuilder> validator) {
+    this.validator = validator;
+    return this;
+  }
+
+  public OAuth2Scheme build() {
+    List<ValidationResult> results = validator.validate(this);
+    if (logProblems(results).size() > 0) {
+      return null;
+    }
+    return new OAuth2Scheme(
+        name,
+        flowType,
+        description,
+        authorizationUrl,
+        tokenUrl,
+        refreshUrl,
+        scopes,
+        extensions);
+  }
+}
\ No newline at end of file
diff --git a/springfox-core/src/main/java/springfox/documentation/builders/OAuth2SchemeValidator.java b/springfox-core/src/main/java/springfox/documentation/builders/OAuth2SchemeValidator.java
new file mode 100644
index 00000000000..3167ec058de
--- /dev/null
+++ b/springfox-core/src/main/java/springfox/documentation/builders/OAuth2SchemeValidator.java
@@ -0,0 +1,63 @@
+package springfox.documentation.builders;
+
+import org.springframework.util.StringUtils;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class OAuth2SchemeValidator<T> implements Validator<OAuth2SchemeBuilder> {
+  @Override
+  public List<ValidationResult> validate(OAuth2SchemeBuilder builder) {
+    List<ValidationResult> results = new ArrayList<>();
+    if (builder.name == null) {
+      results.add(
+          new ValidationResult(
+              "OAuth2Scheme",
+              "name",
+              "Parameter name is required"));
+    }
+    if (builder.flowType == null) {
+      results.add(new ValidationResult(
+          "OAuth2Scheme",
+          "flowType",
+          "Flow type is required"));
+    }
+    switch (builder.flowType) {
+      case "implicit":
+        requiredAttribute(results, "authorizationUrl", builder.authorizationUrl);
+        break;
+      case "password":
+      case "clientCredentials":
+        requiredAttribute(results, "tokenUrl", builder.tokenUrl);
+        break;
+      case "authorizationCode":
+        requiredAttribute(results, "authorizationUrl", builder.authorizationUrl);
+        requiredAttribute(results, "tokenUrl", builder.tokenUrl);
+        break;
+      default:
+        results.add(new ValidationResult(
+            "OAuth2Scheme",
+            "flowType",
+            "Flow type should be one of (implicit, password, clientCredentials, authorizationCode)"));
+    }
+    if (builder.scopes.isEmpty()) {
+      results.add(new ValidationResult(
+          "OAuth2Scheme",
+          "scopes",
+          "Scopes are required"));
+    }
+    return results;
+  }
+
+  private void requiredAttribute(
+      List<ValidationResult> results,
+      String name,
+      String value) {
+    if (StringUtils.isEmpty(value)) {
+      results.add(new ValidationResult(
+          "OAuth2Scheme",
+          "name",
+          String.format("Parameter %s is required", name)));
+    }
+  }
+}
diff --git a/springfox-core/src/main/java/springfox/documentation/builders/OpenIdConnectSchemeBuilder.java b/springfox-core/src/main/java/springfox/documentation/builders/OpenIdConnectSchemeBuilder.java
new file mode 100644
index 00000000000..1153dd5223f
--- /dev/null
+++ b/springfox-core/src/main/java/springfox/documentation/builders/OpenIdConnectSchemeBuilder.java
@@ -0,0 +1,46 @@
+package springfox.documentation.builders;
+
+import springfox.documentation.service.OpenIdConnectScheme;
+import springfox.documentation.service.VendorExtension;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import static springfox.documentation.builders.BuilderDefaults.*;
+
+public class OpenIdConnectSchemeBuilder {
+  private String name;
+  private String type;
+  private String description;
+  private final List<VendorExtension> extensions = new ArrayList<>();
+  private String openIdConnectUrl;
+
+  public OpenIdConnectSchemeBuilder name(String name) {
+    this.name = name;
+    return this;
+  }
+
+  public OpenIdConnectSchemeBuilder type(String type) {
+    this.type = type;
+    return this;
+  }
+
+  public OpenIdConnectSchemeBuilder description(String description) {
+    this.description = description;
+    return this;
+  }
+
+  public OpenIdConnectSchemeBuilder extensions(List<VendorExtension> extensions) {
+    this.extensions.addAll(nullToEmptyList(extensions));
+    return this;
+  }
+
+  public OpenIdConnectSchemeBuilder openIdConnectUrl(String openIdConnectUrl) {
+    this.openIdConnectUrl = openIdConnectUrl;
+    return this;
+  }
+
+  public OpenIdConnectScheme createOpenIdConnectScheme() {
+    return new OpenIdConnectScheme(name, type, description, extensions, openIdConnectUrl);
+  }
+}
\ No newline at end of file
diff --git a/springfox-core/src/main/java/springfox/documentation/service/HttpAuthenticationScheme.java b/springfox-core/src/main/java/springfox/documentation/service/HttpAuthenticationScheme.java
new file mode 100644
index 00000000000..b4bbbd7cc52
--- /dev/null
+++ b/springfox-core/src/main/java/springfox/documentation/service/HttpAuthenticationScheme.java
@@ -0,0 +1,35 @@
+package springfox.documentation.service;
+
+import springfox.documentation.builders.HttpAuthenticationBuilder;
+
+import java.util.List;
+
+public class HttpAuthenticationScheme extends SecurityScheme {
+  public static final HttpAuthenticationBuilder BASIC_AUTH_BUILDER = new HttpAuthenticationBuilder().scheme("basic");
+  public static final HttpAuthenticationBuilder JWT_BEARER_BUILDER = new HttpAuthenticationBuilder()
+      .scheme("bearer")
+      .bearerFormat("JWT");
+  private final String scheme;
+  private final String bearerFormat;
+
+
+  public HttpAuthenticationScheme(
+      String name,
+      String description,
+      String type,
+      String scheme,
+      String bearerFormat,
+      List<VendorExtension> extensions) {
+    super(name, type, description, extensions);
+    this.scheme = scheme;
+    this.bearerFormat = bearerFormat;
+  }
+
+  public String getScheme() {
+    return scheme;
+  }
+
+  public String getBearerFormat() {
+    return bearerFormat;
+  }
+}
diff --git a/springfox-core/src/main/java/springfox/documentation/service/OAuth2Scheme.java b/springfox-core/src/main/java/springfox/documentation/service/OAuth2Scheme.java
new file mode 100644
index 00000000000..7560874a5ad
--- /dev/null
+++ b/springfox-core/src/main/java/springfox/documentation/service/OAuth2Scheme.java
@@ -0,0 +1,61 @@
+package springfox.documentation.service;
+
+import springfox.documentation.builders.OAuth2SchemeBuilder;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class OAuth2Scheme extends SecurityScheme {
+  public static final OAuth2SchemeBuilder OAUTH2_IMPLICIT_FLOW_BUILDER
+      = new OAuth2SchemeBuilder("implicit");
+  public static final OAuth2SchemeBuilder OAUTH2_PASSWORD_FLOW_BUILDER
+      = new OAuth2SchemeBuilder("password");
+  public static final OAuth2SchemeBuilder OAUTH2_CLIENT_CREDENTIALS_FLOW_BUILDER
+      = new OAuth2SchemeBuilder("clientCredentials");
+  public static final OAuth2SchemeBuilder OAUTH2_AUTHORIZATION_CODE_FLOW_BUILDER
+      = new OAuth2SchemeBuilder("authorizationCode");
+
+  private final String flowType;
+  private final String authorizationUrl;
+  private final String tokenUrl;
+  private final String refreshUrl;
+  private final List<AuthorizationScope> scopes = new ArrayList<>();
+
+  @SuppressWarnings("ParameterNumber")
+  public OAuth2Scheme(
+      String name,
+      String flowType,
+      String description,
+      String authorizationUrl,
+      String tokenUrl,
+      String refreshUrl,
+      List<AuthorizationScope> scopes,
+      List<VendorExtension> extensions) {
+    super(name, "oauth2", description, extensions);
+    this.flowType = flowType;
+    this.authorizationUrl = authorizationUrl;
+    this.tokenUrl = tokenUrl;
+    this.refreshUrl = refreshUrl;
+    this.scopes.addAll(scopes);
+  }
+
+  public String getFlowType() {
+    return flowType;
+  }
+
+  public String getAuthorizationUrl() {
+    return authorizationUrl;
+  }
+
+  public String getTokenUrl() {
+    return tokenUrl;
+  }
+
+  public String getRefreshUrl() {
+    return refreshUrl;
+  }
+
+  public List<AuthorizationScope> getScopes() {
+    return scopes;
+  }
+}
diff --git a/springfox-core/src/main/java/springfox/documentation/service/OpenIdConnectScheme.java b/springfox-core/src/main/java/springfox/documentation/service/OpenIdConnectScheme.java
new file mode 100644
index 00000000000..c0fc36f4df9
--- /dev/null
+++ b/springfox-core/src/main/java/springfox/documentation/service/OpenIdConnectScheme.java
@@ -0,0 +1,21 @@
+package springfox.documentation.service;
+
+import java.util.List;
+
+public class OpenIdConnectScheme extends SecurityScheme {
+  private final String openIdConnectUrl;
+
+  public OpenIdConnectScheme(
+      String name,
+      String type,
+      String description,
+      List<VendorExtension> extensions,
+      String openIdConnectUrl) {
+    super(name, type, description, extensions);
+    this.openIdConnectUrl = openIdConnectUrl;
+  }
+
+  public String getOpenIdConnectUrl() {
+    return openIdConnectUrl;
+  }
+}