alxeg/payouts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b2566813ac3c2a91d996d2f1fadbaee11eb72f44
payouts/internal/service/yookassa/gen/oas_security_gen.go

208 lines
7.8 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
// Code generated by ogen, DO NOT EDIT.
package gen
import (
"context"
"net/http"
"strings"
"github.com/go-faster/errors"
"github.com/ogen-go/ogen/ogenerrors"
)
// SecurityHandler is handler for security parameters.
type SecurityHandler interface {
// HandleBasicAuth handles BasicAuth security.
// HTTP Basic аутентификация клиента ЮKassa.
HandleBasicAuth(ctx context.Context, operationName OperationName, t BasicAuth) (context.Context, error)
// HandleOAuth2 handles OAuth2 security.
// Авторизация клиента ЮKassa с использованием OAuth-токена.
HandleOAuth2(ctx context.Context, operationName OperationName, t OAuth2) (context.Context, error)
}
func findAuthorization(h http.Header, prefix string) (string, bool) {
v, ok := h["Authorization"]
if !ok {
return "", false
}
for _, vv := range v {
scheme, value, ok := strings.Cut(vv, " ")
if !ok || !strings.EqualFold(scheme, prefix) {
continue
}
return value, true
}
return "", false
}
// operationRolesBasicAuth is a private map storing roles per operation.
var operationRolesBasicAuth = map[string][]string{
DealsDealIDGetOperation: []string{},
DealsGetOperation: []string{},
DealsPostOperation: []string{},
MeGetOperation: []string{},
PaymentMethodsPaymentMethodIDGetOperation: []string{},
PaymentMethodsPostOperation: []string{},
PaymentsGetOperation: []string{},
PaymentsPaymentIDCancelPostOperation: []string{},
PaymentsPaymentIDCapturePostOperation: []string{},
PaymentsPaymentIDGetOperation: []string{},
PaymentsPostOperation: []string{},
PayoutsGetOperation: []string{},
PayoutsPayoutIDGetOperation: []string{},
PayoutsPostOperation: []string{},
PayoutsSearchGetOperation: []string{},
PersonalDataPersonalDataIDGetOperation: []string{},
PersonalDataPostOperation: []string{},
ReceiptsGetOperation: []string{},
ReceiptsPostOperation: []string{},
ReceiptsReceiptIDGetOperation: []string{},
RefundsGetOperation: []string{},
RefundsPostOperation: []string{},
RefundsRefundIDGetOperation: []string{},
SbpBanksGetOperation: []string{},
WebhooksGetOperation: []string{},
WebhooksPostOperation: []string{},
WebhooksWebhookIDDeleteOperation: []string{},
}
// GetRolesForBasicAuth returns the required roles for the given operation.
//
// This is useful for authorization scenarios where you need to know which roles
// are required for an operation.
//
// Example:
//
// requiredRoles := GetRolesForBasicAuth(AddPetOperation)
//
// Returns nil if the operation has no role requirements or if the operation is unknown.
func GetRolesForBasicAuth(operation string) []string {
roles, ok := operationRolesBasicAuth[operation]
if !ok {
return nil
}
// Return a copy to prevent external modification
result := make([]string, len(roles))
copy(result, roles)
return result
}
// oauth2ScopesOAuth2 is a private map storing OAuth2 scopes per operation.
var oauth2ScopesOAuth2 = map[string][]string{
DealsDealIDGetOperation: []string{},
DealsGetOperation: []string{},
DealsPostOperation: []string{},
MeGetOperation: []string{},
PaymentMethodsPaymentMethodIDGetOperation: []string{},
PaymentMethodsPostOperation: []string{},
PaymentsGetOperation: []string{},
PaymentsPaymentIDCancelPostOperation: []string{},
PaymentsPaymentIDCapturePostOperation: []string{},
PaymentsPaymentIDGetOperation: []string{},
PaymentsPostOperation: []string{},
PayoutsGetOperation: []string{},
PayoutsPayoutIDGetOperation: []string{},
PayoutsPostOperation: []string{},
PayoutsSearchGetOperation: []string{},
PersonalDataPersonalDataIDGetOperation: []string{},
PersonalDataPostOperation: []string{},
ReceiptsGetOperation: []string{},
ReceiptsPostOperation: []string{},
ReceiptsReceiptIDGetOperation: []string{},
RefundsGetOperation: []string{},
RefundsPostOperation: []string{},
RefundsRefundIDGetOperation: []string{},
SbpBanksGetOperation: []string{},
WebhooksGetOperation: []string{},
WebhooksPostOperation: []string{},
WebhooksWebhookIDDeleteOperation: []string{},
}
// GetOAuth2ScopesForOAuth2 returns the required OAuth2 scopes for the given operation.
//
// This is useful for token exchange scenarios where you need to know which scopes
// to request when obtaining a token for a downstream API call.
//
// Example:
//
// requiredScopes := GetOAuth2ScopesForOAuth2(AddPetOperation)
// token := exchangeTokenWithScopes(requiredScopes, "https://api.example.com")
//
// Returns nil if the operation has no scope requirements or if the operation is unknown.
func GetOAuth2ScopesForOAuth2(operation string) []string {
scopes, ok := oauth2ScopesOAuth2[operation]
if !ok {
return nil
}
// Return a copy to prevent external modification
result := make([]string, len(scopes))
copy(result, scopes)
return result
}
func (s *Server) securityBasicAuth(ctx context.Context, operationName OperationName, req *http.Request) (context.Context, bool, error) {
var t BasicAuth
if _, ok := findAuthorization(req.Header, "Basic"); !ok {
return ctx, false, nil
}
username, password, ok := req.BasicAuth()
if !ok {
return nil, false, errors.New("invalid basic auth")
}
t.Username = username
t.Password = password
t.Roles = operationRolesBasicAuth[operationName]
rctx, err := s.sec.HandleBasicAuth(ctx, operationName, t)
if errors.Is(err, ogenerrors.ErrSkipServerSecurity) {
return nil, false, nil
} else if err != nil {
return nil, false, err
}
return rctx, true, err
}
func (s *Server) securityOAuth2(ctx context.Context, operationName OperationName, req *http.Request) (context.Context, bool, error) {
var t OAuth2
token, ok := findAuthorization(req.Header, "Bearer")
if !ok {
return ctx, false, nil
}
t.Token = token
t.Scopes = oauth2ScopesOAuth2[operationName]
rctx, err := s.sec.HandleOAuth2(ctx, operationName, t)
if errors.Is(err, ogenerrors.ErrSkipServerSecurity) {
return nil, false, nil
} else if err != nil {
return nil, false, err
}
return rctx, true, err
}
// SecuritySource is provider of security values (tokens, passwords, etc.).
type SecuritySource interface {
// BasicAuth provides BasicAuth security value.
// HTTP Basic аутентификация клиента ЮKassa.
BasicAuth(ctx context.Context, operationName OperationName) (BasicAuth, error)
// OAuth2 provides OAuth2 security value.
// Авторизация клиента ЮKassa с использованием OAuth-токена.
OAuth2(ctx context.Context, operationName OperationName) (OAuth2, error)
}
func (s *Client) securityBasicAuth(ctx context.Context, operationName OperationName, req *http.Request) error {
t, err := s.sec.BasicAuth(ctx, operationName)
if err != nil {
return errors.Wrap(err, "security source \"BasicAuth\"")
}
req.SetBasicAuth(t.Username, t.Password)
return nil
}
func (s *Client) securityOAuth2(ctx context.Context, operationName OperationName, req *http.Request) error {
t, err := s.sec.OAuth2(ctx, operationName)
if err != nil {
return errors.Wrap(err, "security source \"OAuth2\"")
}
req.Header.Set("Authorization", "Bearer "+t.Token)
return nil
}
Reference in New Issue View Git Blame Copy Permalink