From 90d39cd386a074513f436a4ee6eb117008fbdb01 Mon Sep 17 00:00:00 2001
From: Oleg Kovalov <oleg@hey.com>
Date: Wed, 29 Nov 2023 10:53:36 +0100
Subject: [PATCH] Update CI and cleanups

---
 .github/dependabot.yml      | 16 ++++++++++++----
 .github/workflows/build.yml | 20 ++++++++------------
 client_test.go              | 19 +++++++++----------
 example_test.go             |  2 +-
 utils.go                    |  6 +++---
 wrapper_test.go             |  1 -
 6 files changed, 33 insertions(+), 31 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 20d5f35..008272a 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,10 +1,18 @@
 version: 2
 updates:
-  - package-ecosystem: gomod
+  - package-ecosystem: "gomod"
+    commit-message:
+      prefix: "deps:"
     directory: "/"
     schedule:
-      interval: daily
-  - package-ecosystem: github-actions
+      interval: "weekly"
+      day: "sunday"
+      time: "09:00"
+  - package-ecosystem: "github-actions"
+    commit-message:
+      prefix: "ci:"
     directory: "/"
     schedule:
-      interval: daily
+      interval: "weekly"
+      day: "sunday"
+      time: "09:00"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 93c6c18..de83cf3 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,23 +1,19 @@
 name: build
 
+permissions: read-all
+
 on:
   push:
     branches: [main]
   pull_request:
-  workflow_dispatch:
-    inputs:
-      tag:
-        description: 'Tag to create'
-        required: true
-        default: 'v0.0.0'
+    branches: [main]
+  schedule:
+    - cron: '0 0 * * 0' # run "At 00:00 on Sunday"
 
 # See https://github.com/cristalhq/.github/.github/workflows
 jobs:
   build:
-    uses: cristalhq/.github/.github/workflows/build.yml@main
+    uses: cristalhq/.github/.github/workflows/build.yml@v0.6.0
 
-  release:
-    if: github.event_name == 'workflow_dispatch'
-    uses: cristalhq/.github/.github/workflows/release.yml@main
-    with:
-      tag: ${{ github.event.input.tag }}
+  vuln:
+    uses: cristalhq/.github/.github/workflows/vuln.yml@v0.6.0
diff --git a/client_test.go b/client_test.go
index e7e3608..83eb809 100644
--- a/client_test.go
+++ b/client_test.go
@@ -4,7 +4,6 @@ import (
 	"context"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
@@ -28,7 +27,7 @@ func TestExchangeRequest(t *testing.T) {
 			t.Errorf("Unexpected Content-Type header %q", headerContentType)
 		}
 
-		body, err := ioutil.ReadAll(r.Body)
+		body, err := io.ReadAll(r.Body)
 		if err != nil {
 			t.Errorf("Failed reading request body: %s.", err)
 		}
@@ -71,7 +70,7 @@ func TestClientExchangeWithParams(t *testing.T) {
 			t.Errorf("Authorization header = %q; want %q", got, want)
 		}
 
-		body, err := ioutil.ReadAll(r.Body)
+		body, err := io.ReadAll(r.Body)
 		if err != nil {
 			t.Errorf("Failed reading request body: %s.", err)
 		}
@@ -228,7 +227,7 @@ func TestRetrieveToken_AutoDetect(t *testing.T) {
 		got := r.FormValue("client_id")
 		want := clientID
 		if got != want {
-			w.WriteHeader(500)
+			w.WriteHeader(http.StatusInternalServerError)
 			_, _ = io.WriteString(w, `{"access_token": "ACCESS_TOKEN", "token_type": "bearer"}`)
 			return
 		}
@@ -272,7 +271,7 @@ func TestExchangeRequest_WithParams(t *testing.T) {
 			t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType)
 		}
 
-		body, err := ioutil.ReadAll(r.Body)
+		body, err := io.ReadAll(r.Body)
 		if err != nil {
 			t.Errorf("Failed reading request body: %s.", err)
 		}
@@ -321,7 +320,7 @@ func TestExchangeRequest_JSONResponse(t *testing.T) {
 			t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType)
 		}
 
-		body, err := ioutil.ReadAll(r.Body)
+		body, err := io.ReadAll(r.Body)
 		if err != nil {
 			t.Errorf("Failed reading request body: %s.", err)
 		}
@@ -403,7 +402,7 @@ func TestExchangeRequest_JSONResponse_Expiry(t *testing.T) {
 func testExchangeRequestJSONResponseExpiry(t *testing.T, exp string, want, nullExpires bool) {
 	ts := newServer(func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Content-Type", "application/json")
-		_, _ = w.Write([]byte(fmt.Sprintf(`{"access_token": "90d", "scope": "user", "token_type": "bearer", %s}`, exp)))
+		fmt.Fprintf(w, `{"access_token": "90d", "scope": "user", "token_type": "bearer", %s}`, exp)
 	})
 	defer ts.Close()
 
@@ -456,7 +455,7 @@ func TestPasswordCredentialsTokenRequest(t *testing.T) {
 			t.Errorf("Content-Type header = %q; want %q", headerContentType, expected)
 		}
 
-		body, err := ioutil.ReadAll(r.Body)
+		body, err := io.ReadAll(r.Body)
 		if err != nil {
 			t.Errorf("Failed reading request body: %s.", err)
 		}
@@ -503,7 +502,7 @@ func TestPasswordCredentialsTokenRequest(t *testing.T) {
 // 		if headerContentType != "application/x-www-form-urlencoded" {
 // 			t.Errorf("Unexpected Content-Type header %q", headerContentType)
 // 		}
-// 		body, _ := ioutil.ReadAll(r.Body)
+// 		body, _ := io.ReadAll(r.Body)
 // 		if string(body) != "grant_type=refresh_token&refresh_token=REFRESH_TOKEN" {
 // 			t.Errorf("Unexpected refresh token payload %q", body)
 // 		}
@@ -528,7 +527,7 @@ func TestPasswordCredentialsTokenRequest(t *testing.T) {
 // 		if headerContentType != "application/x-www-form-urlencoded" {
 // 			t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType)
 // 		}
-// 		body, _ := ioutil.ReadAll(r.Body)
+// 		body, _ := io.ReadAll(r.Body)
 // 		if string(body) != "client_id=CLIENT_ID&grant_type=refresh_token&refresh_token=REFRESH_TOKEN" {
 // 			t.Errorf("Unexpected refresh token payload, %v is found.", string(body))
 // 		}
diff --git a/example_test.go b/example_test.go
index c799e28..8024b3a 100644
--- a/example_test.go
+++ b/example_test.go
@@ -10,7 +10,7 @@ import (
 	"github.com/cristalhq/oauth2"
 )
 
-func ExampleClientAndConfig() {
+func Example() {
 	config := oauth2.Config{
 		ClientID:     "YOUR_CLIENT_ID",
 		ClientSecret: "YOUR_CLIENT_SECRET",
diff --git a/utils.go b/utils.go
index 6957f7a..dff665a 100644
--- a/utils.go
+++ b/utils.go
@@ -30,7 +30,7 @@ func parseResponse(resp *http.Response) (*Token, error) {
 	resp.Body.Close()
 
 	if err != nil {
-		return nil, fmt.Errorf("oauth2: cannot fetch token: %v", err)
+		return nil, fmt.Errorf("oauth2: cannot fetch token: %w", err)
 	}
 	if resp.StatusCode < 200 || resp.StatusCode > 299 {
 		return nil, fmt.Errorf("oauth2: cannot fetch token: %v %v\nResponse: %s",
@@ -109,11 +109,11 @@ type tokenJSON struct {
 	ExpiresIn    expirationTime `json:"expires_in"` // at least PayPal returns string, while most return number
 }
 
-func (e *tokenJSON) expiry() (t time.Time) {
+func (e *tokenJSON) expiry() time.Time {
 	if v := e.ExpiresIn; v != 0 {
 		return time.Now().Add(time.Duration(v) * time.Second)
 	}
-	return
+	return time.Time{}
 }
 
 type expirationTime int32
diff --git a/wrapper_test.go b/wrapper_test.go
index d4ae0b9..7e514ac 100644
--- a/wrapper_test.go
+++ b/wrapper_test.go
@@ -21,7 +21,6 @@ func TestWrap(t *testing.T) {
 
 	c := &http.Client{Timeout: 5 * time.Second}
 	wc, err := Wrap("Authorization", apikey, c)
-
 	if err != nil {
 		t.Fatal(err)
 	}