From ff0b1ce87d61ca48c7f1608638e7150afe2cea72 Mon Sep 17 00:00:00 2001 From: Jordan Dominion Date: Sat, 2 Nov 2024 12:48:23 -0400 Subject: [PATCH] Fix complexity warning in `LoginAuthority` --- .../Authority/LoginAuthority.cs | 77 +++++++++++-------- 1 file changed, 43 insertions(+), 34 deletions(-) diff --git a/src/Tgstation.Server.Host/Authority/LoginAuthority.cs b/src/Tgstation.Server.Host/Authority/LoginAuthority.cs index e0ae9ab433..c98863d01c 100644 --- a/src/Tgstation.Server.Host/Authority/LoginAuthority.cs +++ b/src/Tgstation.Server.Host/Authority/LoginAuthority.cs @@ -162,32 +162,14 @@ public async ValueTask> AttemptLogin(Cancellation if (oAuthLogin) { var oAuthProvider = headers.OAuthProvider!.Value; - (string? UserID, string AccessCode)? oauthResult; - try - { - var validator = oAuthProviders - .GetValidator(oAuthProvider, true); - - if (validator == null) - return BadRequest(ErrorCode.OAuthProviderDisabled); - - oauthResult = await validator - .ValidateResponseCode(headers.OAuthCode!, true, cancellationToken); - - Logger.LogTrace("External {oAuthProvider} UID: {externalUserId}", oAuthProvider, oauthResult); - } - catch (Octokit.RateLimitExceededException ex) - { - return RateLimit(ex); - } - - if (!oauthResult.HasValue) - return Unauthorized(); + var (errorResponse, oauthResult) = await TryOAuthenticate(headers, oAuthProvider, true, cancellationToken); + if (errorResponse != null) + return errorResponse; query = query.Where( x => x.OAuthConnections!.Any( y => y.Provider == oAuthProvider - && y.ExternalUserId == oauthResult.Value.UserID)); + && y.ExternalUserId == oauthResult!.Value.UserID)); } else { @@ -293,24 +275,16 @@ public async ValueTask> AttemptOAuthG if (!oAuthProvider.HasValue) return BadRequest(ErrorCode.BadHeaders); - var validator = oAuthProviders - .GetValidator(oAuthProvider.Value, false); - - if (validator == null) - return BadRequest(ErrorCode.OAuthProviderDisabled); - - var result = await validator - .ValidateResponseCode(headers.OAuthCode!, false, cancellationToken); - - if (!result.HasValue) - return Unauthorized(); + var (errorResponse, oAuthResult) = await TryOAuthenticate(headers, oAuthProvider.Value, false, cancellationToken); + if (errorResponse != null) + return errorResponse; Logger.LogDebug("Generated {provider} OAuth AccessCode", oAuthProvider.Value); return new AuthorityResponse( new OAuthGatewayLoginResult { - AccessCode = result.Value.AccessCode, + AccessCode = oAuthResult!.Value.AccessCode, }); } @@ -329,5 +303,40 @@ private async ValueTask CacheSystemIdentity(ISystemIdentity systemIdentity, User identExpiry += TimeSpan.FromSeconds(15); await identityCache.CacheSystemIdentity(user, systemIdentity!, identExpiry); } + + /// + /// Attempt OAuth authentication. + /// + /// The to use for errored s. + /// The current . + /// The to use. + /// If this is for a server login. + /// The for the operation. + /// A resulting in an errored on failure or the result of the call to on success. + async ValueTask<(AuthorityResponse? ErrorResponse, (string? UserID, string AccessCode)? OAuthResult)> TryOAuthenticate(ApiHeaders headers, OAuthProvider oAuthProvider, bool forLogin, CancellationToken cancellationToken) + { + (string? UserID, string AccessCode)? oauthResult; + try + { + var validator = oAuthProviders + .GetValidator(oAuthProvider, forLogin); + + if (validator == null) + return (BadRequest(ErrorCode.OAuthProviderDisabled), null); + oauthResult = await validator + .ValidateResponseCode(headers.OAuthCode!, forLogin, cancellationToken); + + Logger.LogTrace("External {oAuthProvider} UID: {externalUserId}", oAuthProvider, oauthResult); + } + catch (Octokit.RateLimitExceededException ex) + { + return (RateLimit(ex), null); + } + + if (!oauthResult.HasValue) + return (Unauthorized(), null); + + return (null, OAuthResult: oauthResult); + } } }