From c5f3bfb000f3f7a2a3e769235e62f44757c49b5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ole=20J=C3=B8rgen=20Skogstad?= <skogstad@softis.net>
Date: Tue, 10 Dec 2024 15:22:11 +0100
Subject: [PATCH] chore(webapi): Fix JWTBearerAuth scheme name casing (#1578)

<!--- Provide a general summary of your changes in the Title above -->

## Description

<!--- Describe your changes in detail -->

## Related Issue(s)

- #1577

## Verification

- [x] **Your** code builds clean without any errors or warnings
- [x] Manual testing done (required)
- [ ] Relevant automated test added (if you find this hard, leave it and
we'll help out)

## Documentation

- [ ] Documentation is updated (either in `docs`-directory, Altinnpedia
or a separate linked PR in
[altinn-studio-docs.](https://github.com/Altinn/altinn-studio-docs), if
applicable)

Co-authored-by: Knut Haug <knut.espen.haug@digdir.no>
---
 docs/schema/V1/swagger.verified.json           |  2 +-
 .../OpenApiDocumentExtensions.cs               | 18 ++++++++++++++++++
 .../Program.cs                                 |  1 +
 3 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/docs/schema/V1/swagger.verified.json b/docs/schema/V1/swagger.verified.json
index 0a0592d18..01348f6fd 100644
--- a/docs/schema/V1/swagger.verified.json
+++ b/docs/schema/V1/swagger.verified.json
@@ -4683,7 +4683,7 @@
       "JWTBearerAuth": {
         "bearerFormat": "JWT",
         "description": "Enter a JWT token to authorize the requests...",
-        "scheme": "Bearer",
+        "scheme": "bearer",
         "type": "http"
       }
     }
diff --git a/src/Digdir.Domain.Dialogporten.WebApi/OpenApiDocumentExtensions.cs b/src/Digdir.Domain.Dialogporten.WebApi/OpenApiDocumentExtensions.cs
index 384199f89..9dc187e41 100644
--- a/src/Digdir.Domain.Dialogporten.WebApi/OpenApiDocumentExtensions.cs
+++ b/src/Digdir.Domain.Dialogporten.WebApi/OpenApiDocumentExtensions.cs
@@ -6,6 +6,24 @@ namespace Digdir.Domain.Dialogporten.WebApi;
 
 public static class OpenApiDocumentExtensions
 {
+    /// <summary>
+    /// To have this be validated in BlackDuck, we need to lower case the bearer scheme name.
+    /// From editor.swagger.io:
+    /// Structural error at components.securitySchemes.JWTBearerAuth
+    /// should NOT have a `bearerFormat` property without `scheme: bearer` being set
+    /// </summary>
+    /// <param name="openApiDocument"></param>
+    public static void FixJwtBearerCasing(this OpenApiDocument openApiDocument)
+    {
+        foreach (var securityScheme in openApiDocument.Components.SecuritySchemes.Values)
+        {
+            if (securityScheme.Scheme.Equals("Bearer", StringComparison.Ordinal))
+            {
+                securityScheme.Scheme = "bearer";
+            }
+        }
+    }
+
     /// <summary>
     /// When generating ProblemDetails and ProblemDetails_Error, there is a bug/weird behavior in NSwag or FastEndpoints
     /// which results in certain 'Description' properties being generated when running on f.ex. MacOS,
diff --git a/src/Digdir.Domain.Dialogporten.WebApi/Program.cs b/src/Digdir.Domain.Dialogporten.WebApi/Program.cs
index 5185cc8cf..21433a66e 100644
--- a/src/Digdir.Domain.Dialogporten.WebApi/Program.cs
+++ b/src/Digdir.Domain.Dialogporten.WebApi/Program.cs
@@ -201,6 +201,7 @@ static void BuildAndRun(string[] args, TelemetryConfiguration telemetryConfigura
                 document.Generator = null;
                 document.ReplaceProblemDetailsDescriptions();
                 document.MakeCollectionsNullable();
+                document.FixJwtBearerCasing();
             };
         }, uiConfig =>
         {