Generate yookassa client via openapi tool ogen

internal/service/yookassa/gen/oas_security_gen.go

@@ -0,0 +1,207 @@
+// Code generated by ogen, DO NOT EDIT.
+
+package gen
+
+import (
+	"context"
+	"net/http"
+	"strings"
+
+	"github.com/go-faster/errors"
+	"github.com/ogen-go/ogen/ogenerrors"
+)
+
+// SecurityHandler is handler for security parameters.
+type SecurityHandler interface {
+	// HandleBasicAuth handles BasicAuth security.
+	// HTTP Basic аутентификация клиента ЮKassa.
+	HandleBasicAuth(ctx context.Context, operationName OperationName, t BasicAuth) (context.Context, error)
+	// HandleOAuth2 handles OAuth2 security.
+	// Авторизация клиента ЮKassa с использованием OAuth-токена.
+	HandleOAuth2(ctx context.Context, operationName OperationName, t OAuth2) (context.Context, error)
+}
+
+func findAuthorization(h http.Header, prefix string) (string, bool) {
+	v, ok := h["Authorization"]
+	if !ok {
+		return "", false
+	}
+	for _, vv := range v {
+		scheme, value, ok := strings.Cut(vv, " ")
+		if !ok || !strings.EqualFold(scheme, prefix) {
+			continue
+		}
+		return value, true
+	}
+	return "", false
+}
+
+// operationRolesBasicAuth is a private map storing roles per operation.
+var operationRolesBasicAuth = map[string][]string{
+	DealsDealIDGetOperation:                   []string{},
+	DealsGetOperation:                         []string{},
+	DealsPostOperation:                        []string{},
+	MeGetOperation:                            []string{},
+	PaymentMethodsPaymentMethodIDGetOperation: []string{},
+	PaymentMethodsPostOperation:               []string{},
+	PaymentsGetOperation:                      []string{},
+	PaymentsPaymentIDCancelPostOperation:      []string{},
+	PaymentsPaymentIDCapturePostOperation:     []string{},
+	PaymentsPaymentIDGetOperation:             []string{},
+	PaymentsPostOperation:                     []string{},
+	PayoutsGetOperation:                       []string{},
+	PayoutsPayoutIDGetOperation:               []string{},
+	PayoutsPostOperation:                      []string{},
+	PayoutsSearchGetOperation:                 []string{},
+	PersonalDataPersonalDataIDGetOperation:    []string{},
+	PersonalDataPostOperation:                 []string{},
+	ReceiptsGetOperation:                      []string{},
+	ReceiptsPostOperation:                     []string{},
+	ReceiptsReceiptIDGetOperation:             []string{},
+	RefundsGetOperation:                       []string{},
+	RefundsPostOperation:                      []string{},
+	RefundsRefundIDGetOperation:               []string{},
+	SbpBanksGetOperation:                      []string{},
+	WebhooksGetOperation:                      []string{},
+	WebhooksPostOperation:                     []string{},
+	WebhooksWebhookIDDeleteOperation:          []string{},
+}
+
+// GetRolesForBasicAuth returns the required roles for the given operation.
+//
+// This is useful for authorization scenarios where you need to know which roles
+// are required for an operation.
+//
+// Example:
+//
+//	requiredRoles := GetRolesForBasicAuth(AddPetOperation)
+//
+// Returns nil if the operation has no role requirements or if the operation is unknown.
+func GetRolesForBasicAuth(operation string) []string {
+	roles, ok := operationRolesBasicAuth[operation]
+	if !ok {
+		return nil
+	}
+	// Return a copy to prevent external modification
+	result := make([]string, len(roles))
+	copy(result, roles)
+	return result
+}
+
+// oauth2ScopesOAuth2 is a private map storing OAuth2 scopes per operation.
+var oauth2ScopesOAuth2 = map[string][]string{
+	DealsDealIDGetOperation:                   []string{},
+	DealsGetOperation:                         []string{},
+	DealsPostOperation:                        []string{},
+	MeGetOperation:                            []string{},
+	PaymentMethodsPaymentMethodIDGetOperation: []string{},
+	PaymentMethodsPostOperation:               []string{},
+	PaymentsGetOperation:                      []string{},
+	PaymentsPaymentIDCancelPostOperation:      []string{},
+	PaymentsPaymentIDCapturePostOperation:     []string{},
+	PaymentsPaymentIDGetOperation:             []string{},
+	PaymentsPostOperation:                     []string{},
+	PayoutsGetOperation:                       []string{},
+	PayoutsPayoutIDGetOperation:               []string{},
+	PayoutsPostOperation:                      []string{},
+	PayoutsSearchGetOperation:                 []string{},
+	PersonalDataPersonalDataIDGetOperation:    []string{},
+	PersonalDataPostOperation:                 []string{},
+	ReceiptsGetOperation:                      []string{},
+	ReceiptsPostOperation:                     []string{},
+	ReceiptsReceiptIDGetOperation:             []string{},
+	RefundsGetOperation:                       []string{},
+	RefundsPostOperation:                      []string{},
+	RefundsRefundIDGetOperation:               []string{},
+	SbpBanksGetOperation:                      []string{},
+	WebhooksGetOperation:                      []string{},
+	WebhooksPostOperation:                     []string{},
+	WebhooksWebhookIDDeleteOperation:          []string{},
+}
+
+// GetOAuth2ScopesForOAuth2 returns the required OAuth2 scopes for the given operation.
+//
+// This is useful for token exchange scenarios where you need to know which scopes
+// to request when obtaining a token for a downstream API call.
+//
+// Example:
+//
+//	requiredScopes := GetOAuth2ScopesForOAuth2(AddPetOperation)
+//	token := exchangeTokenWithScopes(requiredScopes, "https://api.example.com")
+//
+// Returns nil if the operation has no scope requirements or if the operation is unknown.
+func GetOAuth2ScopesForOAuth2(operation string) []string {
+	scopes, ok := oauth2ScopesOAuth2[operation]
+	if !ok {
+		return nil
+	}
+	// Return a copy to prevent external modification
+	result := make([]string, len(scopes))
+	copy(result, scopes)
+	return result
+}
+
+func (s *Server) securityBasicAuth(ctx context.Context, operationName OperationName, req *http.Request) (context.Context, bool, error) {
+	var t BasicAuth
+	if _, ok := findAuthorization(req.Header, "Basic"); !ok {
+		return ctx, false, nil
+	}
+	username, password, ok := req.BasicAuth()
+	if !ok {
+		return nil, false, errors.New("invalid basic auth")
+	}
+	t.Username = username
+	t.Password = password
+	t.Roles = operationRolesBasicAuth[operationName]
+	rctx, err := s.sec.HandleBasicAuth(ctx, operationName, t)
+	if errors.Is(err, ogenerrors.ErrSkipServerSecurity) {
+		return nil, false, nil
+	} else if err != nil {
+		return nil, false, err
+	}
+	return rctx, true, err
+}
+
+func (s *Server) securityOAuth2(ctx context.Context, operationName OperationName, req *http.Request) (context.Context, bool, error) {
+	var t OAuth2
+	token, ok := findAuthorization(req.Header, "Bearer")
+	if !ok {
+		return ctx, false, nil
+	}
+	t.Token = token
+	t.Scopes = oauth2ScopesOAuth2[operationName]
+	rctx, err := s.sec.HandleOAuth2(ctx, operationName, t)
+	if errors.Is(err, ogenerrors.ErrSkipServerSecurity) {
+		return nil, false, nil
+	} else if err != nil {
+		return nil, false, err
+	}
+	return rctx, true, err
+}
+
+// SecuritySource is provider of security values (tokens, passwords, etc.).
+type SecuritySource interface {
+	// BasicAuth provides BasicAuth security value.
+	// HTTP Basic аутентификация клиента ЮKassa.
+	BasicAuth(ctx context.Context, operationName OperationName) (BasicAuth, error)
+	// OAuth2 provides OAuth2 security value.
+	// Авторизация клиента ЮKassa с использованием OAuth-токена.
+	OAuth2(ctx context.Context, operationName OperationName) (OAuth2, error)
+}
+
+func (s *Client) securityBasicAuth(ctx context.Context, operationName OperationName, req *http.Request) error {
+	t, err := s.sec.BasicAuth(ctx, operationName)
+	if err != nil {
+		return errors.Wrap(err, "security source \"BasicAuth\"")
+	}
+	req.SetBasicAuth(t.Username, t.Password)
+	return nil
+}
+func (s *Client) securityOAuth2(ctx context.Context, operationName OperationName, req *http.Request) error {
+	t, err := s.sec.OAuth2(ctx, operationName)
+	if err != nil {
+		return errors.Wrap(err, "security source \"OAuth2\"")
+	}
+	req.Header.Set("Authorization", "Bearer "+t.Token)
+	return nil
+}