general support to add scopes for bearer auth too (#1984)

* general support to add scopes for bearer auth too
implemented authorize workflow in aspnet core too

* petstore update

* fix missing )

* multi roles fix

* null pointer error prevention

* null point exception fixes

* null pointer fixes

* npe fix

* solved line break issue

Author: MBcom

modules/openapi-generator/src/main/java/org/openapitools/codegen/CodegenSecurity.java

@@ -38,7 +38,7 @@ public class CodegenSecurity {
     // Oauth specific
     public String flow, authorizationUrl, tokenUrl;
     public List<Map<String, Object>> scopes;
-    public Boolean isCode, isPassword, isApplication, isImplicit;
+    public Boolean isCode, isPassword, isApplication, isImplicit, hasScopes;
 
     @Override
     public String toString() {

modules/openapi-generator/src/main/java/org/openapitools/codegen/DefaultGenerator.java

@@ -1051,13 +1051,47 @@ private void processOperation(String resourcePath, String httpMethod, Operation
                 if (securities != null && securities.isEmpty()) {
                     continue;
                 }
+
                 Map<String, SecurityScheme> authMethods = getAuthMethods(securities, securitySchemes);
                 if (authMethods == null || authMethods.isEmpty()) {
                     authMethods = getAuthMethods(globalSecurities, securitySchemes);
                 }
 
                 if (authMethods != null && !authMethods.isEmpty()) {
                     codegenOperation.authMethods = config.fromSecurity(authMethods);
+                    List<Map<String, Object>> scopes = new ArrayList<Map<String, Object>>();
+                    if (codegenOperation.authMethods != null){
+                        for (CodegenSecurity security : codegenOperation.authMethods){
+                            if (security != null && security.isBasicBearer != null && security.isBasicBearer &&
+                               securities != null){
+                                for (SecurityRequirement req : securities){
+                                    if (req == null) continue;
+                                    for (String key : req.keySet()){
+                                        if (security.name != null && key.equals(security.name)){
+                                            int count = 0;
+                                            for (String sc : req.get(key)){
+                                                Map<String, Object> scope = new HashMap<String, Object>();
+                                                scope.put("scope", sc);
+                                                scope.put("description", "");
+                                                count++;
+                                                if (req.get(key) != null && count < req.get(key).size()){
+                                                    scope.put("hasMore", "true");
+                                                } else {
+                                                    scope.put("hasMore", null);
+                                                }
+                                                scopes.add(scope);
+                                            }
+                                            //end this inner for 
+                                            break;
+                                        }
+                                    }
+
+                                }
+                                security.hasScopes = scopes.size() > 0;
+                                security.scopes = scopes;
+                            }
+                        }
+                    }
                     codegenOperation.hasAuthMethods = true;
                 }
 

modules/openapi-generator/src/main/resources/aspnetcore/2.1/controller.mustache

@@ -14,6 +14,7 @@ using Newtonsoft.Json;
 {{/isLibrary}}
 using System.ComponentModel.DataAnnotations;
 using {{packageName}}.Attributes;
+using Microsoft.AspNetCore.Authorization;
 using {{modelPackage}};
 
 namespace {{apiPackage}}
@@ -32,7 +33,8 @@ namespace {{apiPackage}}
         /// <param name="{{paramName}}">{{description}}</param>{{/allParams}}{{#responses}}
         /// <response code="{{code}}">{{message}}</response>{{/responses}}
         [{{httpMethod}}]
-        [Route("{{{basePathWithoutHost}}}{{{path}}}")]
+        [Route("{{{basePathWithoutHost}}}{{{path}}}")]{{#hasAuthMethods}}{{#authMethods}}{{#isBasicBearer}}
+        [Authorize{{#hasScopes}}(Roles = "{{#scopes}}{{scope}}{{#hasMore}},{{/hasMore}}{{/scopes}}"){{/hasScopes}}]{{/isBasicBearer}}{{/authMethods}}{{/hasAuthMethods}}
         [ValidateModelState]{{#useSwashbuckle}}
         [SwaggerOperation("{{operationId}}")]{{#responses}}{{#dataType}}
         [SwaggerResponse(statusCode: {{code}}, type: typeof({{&dataType}}), description: "{{message}}")]{{/dataType}}{{^dataType}}{{/dataType}}{{/responses}}{{/useSwashbuckle}}{{^useSwashbuckle}}{{#responses}}{{#dataType}}

samples/server/petstore/aspnetcore/src/Org.OpenAPITools/Controllers/PetApi.cs

@@ -17,6 +17,7 @@
 using System.ComponentModel.DataAnnotations;
 using Org.OpenAPITools.Attributes;
 using Org.OpenAPITools.Models;
+using Microsoft.AspNetCore.Authorization;
 
 namespace Org.OpenAPITools.Controllers
 { 

samples/server/petstore/aspnetcore/src/Org.OpenAPITools/Controllers/StoreApi.cs

@@ -17,6 +17,7 @@
 using System.ComponentModel.DataAnnotations;
 using Org.OpenAPITools.Attributes;
 using Org.OpenAPITools.Models;
+using Microsoft.AspNetCore.Authorization;
 
 namespace Org.OpenAPITools.Controllers
 { 

samples/server/petstore/aspnetcore/src/Org.OpenAPITools/Controllers/UserApi.cs

@@ -17,6 +17,7 @@
 using System.ComponentModel.DataAnnotations;
 using Org.OpenAPITools.Attributes;
 using Org.OpenAPITools.Models;
+using Microsoft.AspNetCore.Authorization;
 
 namespace Org.OpenAPITools.Controllers
 {