// otherwise if method has scope tags then add those to indicate method requires scope
List<String> scopeValues = ParserHelper.getTagValues(this.methodDoc, this.options.getOperationScopeTags());
if (scopeValues != null) {
List<Oauth2Scope> oauth2Scopes = new ArrayList<Oauth2Scope>();
for (String scopeVal : scopeValues) {
Oauth2Scope apiScope = apiScopes.get(scopeVal);
if (apiScope == null) {
throw new IllegalStateException("The scope: " + scopeVal + " was referenced in the method: " + this.methodDoc
+ " but this scope was not part of the API service.json level authorization object.");
}
oauth2Scopes.add(apiScope);
}
authorizations = new OperationAuthorizations(oauth2Scopes);
}
// if not scopes see if its auth and whether we need to add default scope to it
if (scopeValues == null || scopeValues.isEmpty()) {
// b) if method has an auth tag that starts with one of the known values that indicates whether auth required.
String authSpec = ParserHelper.getTagValue(this.methodDoc, this.options.getAuthOperationTags());
if (authSpec != null) {
boolean unauthFound = false;
for (String unauthValue : this.options.getUnauthOperationTagValues()) {
if (authSpec.toLowerCase().startsWith(unauthValue.toLowerCase())) {
authorizations = new OperationAuthorizations();
unauthFound = true;
break;
}
}
if (!unauthFound) {
// its deemed to require authentication, however there is no explicit scope so we need to use
// the default scopes
List<String> defaultScopes = this.options.getAuthOperationScopes();
if (defaultScopes != null && !defaultScopes.isEmpty()) {
List<Oauth2Scope> oauth2Scopes = new ArrayList<Oauth2Scope>();
for (String scopeVal : defaultScopes) {
Oauth2Scope apiScope = apiScopes.get(scopeVal);
if (apiScope == null) {
throw new IllegalStateException("The default scope: " + scopeVal + " needed for the authorized method: " + this.methodDoc
+ " was not part of the API service.json level authorization object.");
}
oauth2Scopes.add(apiScope);