From a7f822b0dbe89d307a2331ee799c38b9a6b58cd6 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Mon, 28 Apr 2025 16:35:08 -0600
Subject: refactor: move token exchange into service class
---
 app/controllers/sessions/controller.go | 15 +++------------
 app/controllers/sessions/service.go | 15 +++++++++++++++
 2 files changed, 18 insertions(+), 12 deletions(-)
(limited to 'app')
diff --git a/app/controllers/sessions/controller.go b/app/controllers/sessions/controller.go
index 6c61ec0..b3c8ae8 100644
--- a/app/controllers/sessions/controller.go
+++ b/app/controllers/sessions/controller.go
@@ -1,14 +1,12 @@
 package sessions
 import (
- "context"
 "net/http"
 "time"
 "github.com/xlgmokha/x/pkg/log"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web/cookie"
- "golang.org/x/oauth2"
 )
 type Controller struct {
@@ -119,23 +117,16 @@ The `id_token` is a JWT that looks like the following body when it is decoded:
 ```
 */
 func (c *Controller) Create(w http.ResponseWriter, r *http.Request) {
- ctx := context.WithValue(r.Context(), oauth2.HTTPClient, c.http)
- token, err := c.cfg.Config.Exchange(ctx, r.URL.Query().Get("code"))
+ tokens, err := c.svc.Exchange(r)
 if err != nil {
- log.WithFields(ctx, log.Fields{"error": err})
+ log.WithFields(r.Context(), log.Fields{"error": err})
 w.WriteHeader(http.StatusInternalServerError)
- w.Write([]byte("A valid token could not be retrieved."))
 return
 }
- tokens := &oidc.Tokens{Token: token}
- if rawIDToken, ok := token.Extra("id_token").(string); ok {
- tokens.IDToken = oidc.RawToken(rawIDToken)
- }
-
 encoded, err := tokens.ToBase64String()
 if err != nil {
- log.WithFields(ctx, log.Fields{"error": err})
+ log.WithFields(r.Context(), log.Fields{"error": err})
 w.WriteHeader(http.StatusBadRequest)
 return
 }
diff --git a/app/controllers/sessions/service.go b/app/controllers/sessions/service.go
index e9a37c6..68ee26d 100644
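Review bot: Create redeems the authorization code on its first statement (`tokens, err := c.svc.Exchange(r)`), and nothing in the visible part of the handler compares the callback's `state` parameter with the value issued when the redirect was generated. Unless a middleware outside this diff does that, the check belongs before the exchange, answering a mismatch with `w.WriteHeader(http.StatusBadRequest)` and `return`, so that a callback the browser did not initiate never gets a code redeemed into a session. Separately, for a commit labelled refactor the error path changes behaviour: the `w.Write` body is dropped, and a missing or rejected `code` is still reported as 500 rather than 400. Create's body continues past the end of this hunk.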
--- a/app/controllers/sessions/service.go
+++ b/app/controllers/sessions/service.go
@@ -1,6 +1,7 @@
 package sessions
 import (
+ "context"
 "net/http"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
@@ -28,3 +29,17 @@ func (svc *Service) GenerateRedirectURL() (string, string) {
 )
 return url, nonce
 }
+
+func (svc *Service) Exchange(r *http.Request) (*oidc.Tokens, error) {
+ ctx := context.WithValue(r.Context(), oauth2.HTTPClient, svc.http)
+ token, err := svc.cfg.Config.Exchange(ctx, r.URL.Query().Get("code"))
+ if err != nil {
+ return nil, err
+ }
+
+ tokens := &oidc.Tokens{Token: token}
+ if rawIDToken, ok := token.Extra("id_token").(string); ok {
+ tokens.IDToken = oidc.RawToken(rawIDToken)
+ }
+ return tokens, nil
+}
-- cgit v1.2.3
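Review bot: Exchange returns a non-nil `*oidc.Tokens` with a nil error even when the token response carries no `id_token`, because the failed type assertion is silently skipped. For an OIDC login the ID token is the identity assertion, so its absence should fail the exchange: `rawIDToken, ok := token.Extra("id_token").(string)` followed by `if !ok || rawIDToken == "" { return nil, errors.New("token response has no id_token") }` (this needs the `errors` import). Nothing in this hunk verifies the token's signature, audience or the nonce returned by GenerateRedirectURL; if a later caller does that, a doc comment on Exchange (it currently has none) should say the returned ID token is still unverified.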