from django.conf import settings

API_SERVICE_CLIENT_CREDENTIALS = 'API Service OAuth2 Client Credentials'
API_SERVICE_ACCESS_CODE = 'API Service OAuth2 Access Code'

SCOPES_TO_DESCRIPTION = getattr(settings, 'API_GATEWAY_SCOPES_TO_DESCRIPTION', {})

SECURITY_DEFINITIONS = {
    API_SERVICE_CLIENT_CREDENTIALS: {
        'type': 'oauth2',
        'description': (
            'Allows authentication using client credentials obtained from the API Service'
        ),
        'flow': 'application',  # should be `clientCredentials` when we update to OpenApi 3.0
        'tokenUrl': 'https://<gateway_host>/oauth/client_credential/accesstoken'
                    '?grant_type=client_credentials',
        'scopes': SCOPES_TO_DESCRIPTION
    },
    API_SERVICE_ACCESS_CODE: {
        'type': 'oauth2',
        'flow': 'accessCode',
        'authorizationUrl': 'https://<gateway_host>/oauth2/v1/auth',
        'tokenUrl': 'https://<gateway_host>/oauth2/v1/token',
        'scopes': SCOPES_TO_DESCRIPTION
    }
}


def any_api_service_security_method_with_scopes(*scopes):
    """
    Helper method which returns security definitions for any API Service security
    method with the given scopes.

    """
    return [
        {security_method: list(scopes)}
        for security_method in SECURITY_DEFINITIONS.keys()
    ]