From e1ce8d6b33590b6ed6d7938bc34ae29e69ff2b05 Mon Sep 17 00:00:00 2001
From: Jan Kowalleck
Date: Fri, 16 Sep 2022 19:21:31 +0200
Subject: [PATCH] fix: properly declare licenses from environment
Signed-off-by: Jan Kowalleck
---
 cyclonedx_py/parser/environment.py | 20 +++++++++++++-------
 tests/test_parser_environment.py | 4 ++--
 2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/cyclonedx_py/parser/environment.py b/cyclonedx_py/parser/environment.py
index e6e382ce..c44a0adb 100644
--- a/cyclonedx_py/parser/environment.py
+++ b/cyclonedx_py/parser/environment.py
@@ -43,7 +43,7 @@ else:
 from importlib_metadata import metadata, PackageMetadata as _MetadataReturn
-from cyclonedx.model import LicenseChoice
+from cyclonedx.model import License, LicenseChoice
 from cyclonedx.model.component import Component
 from cyclonedx.parser import BaseParser
@@ -71,16 +71,22 @@ def __init__(self, use_purl_bom_ref: bool = False) -> None:
 c.author = i_metadata['Author']
 if 'License' in i_metadata and i_metadata['License'] != 'UNKNOWN':
- c.licenses.add(LicenseChoice(license_expression=i_metadata['License']))
+ # Values might be ala `MIT` (SPDX id), `Apache-2.0 license` (arbitrary string), ...
+ # Therefore, just go with a named license.
+ c.licenses.add(LicenseChoice(license_=License(license_name=i_metadata['License'])))
 if 'Classifier' in i_metadata:
 for classifier in i_metadata['Classifier']:
+ # Trove classifiers - https://packaging.python.org/specifications/core-metadata/#metadata-classifier
+ # Full list: https://pypi.python.org/pypi?%3Aaction=list_classifiers
 if str(classifier).startswith('License :: OSI Approved :: '):
- c.licenses.add(
- LicenseChoice(
- license_expression=str(classifier).replace('License :: OSI Approved :: ', '').strip()
- )
- )
+ c.licenses.add(LicenseChoice(license_=License(
+ license_name=str(classifier).replace('License :: OSI Approved :: ', '').strip()
+ )))
+ elif str(classifier).startswith('License :: '):
+ c.licenses.add(LicenseChoice(license_=License(
+ license_name=str(classifier).replace('License :: ', '').strip()
+ )))
 self._components.append(c)
diff --git a/tests/test_parser_environment.py b/tests/test_parser_environment.py
index 92e1ffae..9e5c1cd1 100644
--- a/tests/test_parser_environment.py
+++ b/tests/test_parser_environment.py
@@ -39,7 +39,7 @@ def test_simple(self) -> None:
 self.assertIsNotNone(c_tox)
 self.assertNotEqual(c_tox.purl.to_string(), c_tox.bom_ref.value)
 self.assertIsNotNone(c_tox.licenses)
- self.assertEqual('MIT', c_tox.licenses.pop().expression)
+ self.assertEqual('MIT', c_tox.licenses.pop().license.name)
 def test_simple_use_purl_bom_ref(self) -> None:
 """
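Review bot: In `cyclonedx_py/parser/environment.py`, the new `c.licenses.add(...)` under the `'License' in i_metadata` check copies the raw `i_metadata['License']` value into `license_name`, and that field is free text chosen by the package author: it can be empty, whitespace-padded, or sometimes an entire multi-line license text. I would normalise it once inside that check, `lic = str(i_metadata['License']).strip()`, and only add a license `if lic and lic != 'UNKNOWN':`, so an empty value never reaches `License(...)` and the SBOM does not carry stray whitespace. In the new `elif`, `.replace('License :: ', '')` removes every occurrence rather than only the prefix; slicing off `len('License :: ')` characters states the intent exactly. Since plain SPDX ids such as `MIT` are now always emitted as names, consumers that match on license ids may stop recognising them, which the added comment could say explicitly. `__init__` starts and ends outside this hunk.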
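Review bot: In `tests/test_parser_environment.py`, `test_simple` asserts on `c_tox.licenses.pop().license.name`, which inspects a single element of a set that, going by the parser change, may hold more than one entry for tox (the `License` field plus any `License ::` classifier), so the result depends on the set's ordering. An assertion over all collected names, e.g. `self.assertIn('MIT', {lc.license.name for lc in c_tox.licenses})`, would not depend on order and would not mutate the component. The same line in `test_simple_use_purl_bom_ref` (the next hunk) has the same issue, and neither test appears to exercise the new non-OSI `elif` branch. Both test methods continue outside their hunks.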
@@ -56,4 +56,4 @@ def test_simple_use_purl_bom_ref(self) -> None:
 self.assertIsNotNone(c_tox)
 self.assertEqual(c_tox.purl.to_string(), c_tox.bom_ref.value)
 self.assertIsNotNone(c_tox.licenses)
- self.assertEqual('MIT', c_tox.licenses.pop().expression)
+ self.assertEqual('MIT', c_tox.licenses.pop().license.name)