microsoft · darrelmiller · Feb 22, 2022 · Feb 16, 2022 · Feb 16, 2022 · Feb 16, 2022
diff --git a/src/Microsoft.OpenApi.Readers/V2/OpenApiSecuritySchemeDeserializer.cs b/src/Microsoft.OpenApi.Readers/V2/OpenApiSecuritySchemeDeserializer.cs
@@ -30,7 +30,7 @@ internal static partial class OpenApiV2Deserializer
                         {
                             case "basic":
                                 o.Type = SecuritySchemeType.Http;
-                                o.Scheme = "basic";
+                                o.Scheme = AuthenticationScheme.Basic;
                                 break;
 
                             case "apiKey":

diff --git a/src/Microsoft.OpenApi.Readers/V3/OpenApiSecuritySchemeDeserializer.cs b/src/Microsoft.OpenApi.Readers/V3/OpenApiSecuritySchemeDeserializer.cs
@@ -44,13 +44,13 @@ internal static partial class OpenApiV3Deserializer
                 {
                     "scheme", (o, n) =>
                     {
-                        o.Scheme = n.GetScalarValue();
+                        o.Scheme = n.GetScalarValue().GetEnumFromDisplayName<AuthenticationScheme>();
                     }
                 },
                 {
                     "bearerFormat", (o, n) =>
                     {
-                        o.BearerFormat = n.GetScalarValue();
+                        o.BearerFormat = n.GetScalarValue().GetEnumFromDisplayName<BearerFormat>();
                     }
                 },
                 {

diff --git a/src/Microsoft.OpenApi/Models/AuthenticationScheme.cs b/src/Microsoft.OpenApi/Models/AuthenticationScheme.cs
@@ -0,0 +1,30 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license. 
+
+using Microsoft.OpenApi.Attributes;
+
+namespace Microsoft.OpenApi.Models
+{
+    /// <summary>
+    /// The type of HTTP authentication schemes
+    /// </summary>
+    public enum AuthenticationScheme
+    {
+        /// <summary>
+        /// Use basic HTTP authentication schemes
+        /// </summary>
+        [Display("basic")] Basic,
+
+        /// <summary>
+        /// Use bearer Authentication scheme
+        /// </summary>
+        [Display("bearer")] Bearer,
+
+        /// <summary>
+        /// Use OpenIdConnectUrl
+        /// </summary>
+        [Display("openIdConnectUrl")] OpenIdConnectUrl
+
+
+    }
+}
diff --git a/src/Microsoft.OpenApi/Models/BearerFormat.cs b/src/Microsoft.OpenApi/Models/BearerFormat.cs
@@ -0,0 +1,19 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license. 
+
+using Microsoft.OpenApi.Attributes;
+
+namespace Microsoft.OpenApi.Models
+{
+    /// <summary>
+    /// The type of Bearer authentication scheme
+    /// </summary>
+    public enum BearerFormat
+    {
+        /// <summary>
+        /// Use JWT bearer format
+        /// </summary>
+        [Display("jwt")] JWT,
+
+    }
+}
diff --git a/src/Microsoft.OpenApi/Models/OpenApiSecurityScheme.cs b/src/Microsoft.OpenApi/Models/OpenApiSecurityScheme.cs
@@ -39,14 +39,14 @@ public class OpenApiSecurityScheme : IOpenApiSerializable, IOpenApiReferenceable
         /// REQUIRED. The name of the HTTP Authorization scheme to be used
         /// in the Authorization header as defined in RFC7235.
         /// </summary>
-        public string Scheme { get; set; }
+        public AuthenticationScheme Scheme { get; set; }
 
         /// <summary>
         /// A hint to the client to identify how the bearer token is formatted.
         /// Bearer tokens are usually generated by an authorization server,
         /// so this information is primarily for documentation purposes.
         /// </summary>
-        public string BearerFormat { get; set; }
+        public BearerFormat BearerFormat { get; set; }
 
         /// <summary>
         /// REQUIRED. An object containing configuration information for the flow types supported.
@@ -118,8 +118,8 @@ public void SerializeAsV3WithoutReference(IOpenApiWriter writer)
                     // These properties apply to http type only.
                     // scheme
                     // bearerFormat
-                    writer.WriteProperty(OpenApiConstants.Scheme, Scheme);
-                    writer.WriteProperty(OpenApiConstants.BearerFormat, BearerFormat);
+                    writer.WriteProperty(OpenApiConstants.Scheme, Scheme.GetDisplayName());
+                    writer.WriteProperty(OpenApiConstants.BearerFormat, BearerFormat.GetDisplayName());
                     break;
                 case SecuritySchemeType.OAuth2:
                     // This property apply to oauth2 type only.
@@ -163,7 +163,7 @@ public void SerializeAsV2(IOpenApiWriter writer)
         /// </summary>
         public void SerializeAsV2WithoutReference(IOpenApiWriter writer)
         {
-            if (Type == SecuritySchemeType.Http && Scheme != OpenApiConstants.Basic)
+            if (Type == SecuritySchemeType.Http && Scheme != AuthenticationScheme.Basic)
             {
                 // Bail because V2 does not support non-basic HTTP scheme
                 writer.WriteStartObject();

diff --git a/test/Microsoft.OpenApi.Readers.Tests/V2Tests/OpenApiSecuritySchemeTests.cs b/test/Microsoft.OpenApi.Readers.Tests/V2Tests/OpenApiSecuritySchemeTests.cs
@@ -38,7 +38,7 @@ public void ParseHttpSecuritySchemeShouldSucceed()
                     new OpenApiSecurityScheme
                     {
                         Type = SecuritySchemeType.Http,
-                        Scheme = "basic"
+                        Scheme = AuthenticationScheme.Basic
                     });
             }
         }

diff --git a/test/Microsoft.OpenApi.Readers.Tests/V3Tests/OpenApiSecuritySchemeTests.cs b/test/Microsoft.OpenApi.Readers.Tests/V3Tests/OpenApiSecuritySchemeTests.cs
@@ -40,7 +40,7 @@ public void ParseHttpSecuritySchemeShouldSucceed()
                     new OpenApiSecurityScheme
                     {
                         Type = SecuritySchemeType.Http,
-                        Scheme = "basic"
+                        Scheme = AuthenticationScheme.Basic
                     });
             }
         }
@@ -95,8 +95,8 @@ public void ParseBearerSecuritySchemeShouldSucceed()
                     new OpenApiSecurityScheme
                     {
                         Type = SecuritySchemeType.Http,
-                        Scheme = "bearer",
-                        BearerFormat = "JWT"
+                        Scheme = AuthenticationScheme.Bearer,
+                        BearerFormat = BearerFormat.JWT
                     });
             }
         }

diff --git a/test/Microsoft.OpenApi.Tests/Models/OpenApiComponentsTests.cs b/test/Microsoft.OpenApi.Tests/Models/OpenApiComponentsTests.cs
@@ -57,7 +57,7 @@ public class OpenApiComponentsTests
                 {
                     Description = "description1",
                     Type = SecuritySchemeType.OpenIdConnect,
-                    Scheme = "openIdConnectUrl",
+                    Scheme = AuthenticationScheme.OpenIdConnectUrl,
                     OpenIdConnectUrl = new Uri("https://example.com/openIdConnect")
                 }
             }
@@ -129,7 +129,7 @@ public class OpenApiComponentsTests
                 {
                     Description = "description1",
                     Type = SecuritySchemeType.OpenIdConnect,
-                    Scheme = "openIdConnectUrl",
+                    Scheme = AuthenticationScheme.OpenIdConnectUrl,
                     OpenIdConnectUrl = new Uri("https://example.com/openIdConnect"),
                     Reference = new OpenApiReference
                     {

diff --git a/test/Microsoft.OpenApi.Tests/Models/OpenApiSecuritySchemeTests.cs b/test/Microsoft.OpenApi.Tests/Models/OpenApiSecuritySchemeTests.cs
@@ -32,15 +32,15 @@ public class OpenApiSecuritySchemeTests
         {
             Description = "description1",
             Type = SecuritySchemeType.Http,
-            Scheme = "basic",
+            Scheme = AuthenticationScheme.Basic,
         };
 
         public static OpenApiSecurityScheme HttpBearerSecurityScheme = new OpenApiSecurityScheme
         {
             Description = "description1",
             Type = SecuritySchemeType.Http,
-            Scheme = "bearer",
-            BearerFormat = "JWT",
+            Scheme = AuthenticationScheme.Bearer,
+            BearerFormat = BearerFormat.JWT,
         };
 
         public static OpenApiSecurityScheme OAuth2SingleFlowSecurityScheme = new OpenApiSecurityScheme
@@ -103,15 +103,15 @@ public class OpenApiSecuritySchemeTests
         {
             Description = "description1",
             Type = SecuritySchemeType.OpenIdConnect,
-            Scheme = "openIdConnectUrl",
+            Scheme = AuthenticationScheme.OpenIdConnectUrl,
             OpenIdConnectUrl = new Uri("https://example.com/openIdConnect")
         };
 
         public static OpenApiSecurityScheme ReferencedSecurityScheme = new OpenApiSecurityScheme
         {
             Description = "description1",
             Type = SecuritySchemeType.OpenIdConnect,
-            Scheme = "openIdConnectUrl",
+            Scheme = AuthenticationScheme.OpenIdConnectUrl,
             OpenIdConnectUrl = new Uri("https://example.com/openIdConnect"),
             Reference = new OpenApiReference
             {