fix sonar findings
ntruchsess committed Dec 17, 2024
1 parent 93ce49e commit c01f26d
Showing 1 changed file with 40 additions and 48 deletions.
Expand Up @@ -30,67 +30,59 @@ public static async Task<KeycloakAccessToken> GetAccessToken(this KeycloakAccess
{
var now = DateTimeOffset.UtcNow;

if (token is null)
{
return await GetToken(url, realm, userName, password, clientSecret, clientId, now, cancellationToken).ConfigureAwait(ConfigureAwaitOptions.None);
}

if (token.ExpiryTime > now)
if (token != null && token.ExpiryTime > now)
{
return token;
}

return token.RefreshExpiryTime > now ?
await GetToken(url, realm, [
new("grant_type", "refresh_token"),
new("refresh_token", token.RefreshToken),
new("client_id", clientId)
], now, cancellationToken).ConfigureAwait(ConfigureAwaitOptions.None) :
await GetToken(url, realm, userName, password, clientSecret, clientId, now, cancellationToken)
.ConfigureAwait(ConfigureAwaitOptions.None);
}
var accessTokenResponse = await (token is null
? GetToken()
: RefreshToken()).ConfigureAwait(ConfigureAwaitOptions.None) ?? throw new ConflictException("accessTokenResponse should never be null");

private static async Task<KeycloakAccessToken> GetToken(Url url, string realm, string? userName, string? password, string? clientSecret, string clientId, DateTimeOffset requestTime, CancellationToken cancellationToken)
{
if (clientSecret != null)
{
return await GetToken(url, realm, [
new("grant_type", "client_credentials"),
new("client_secret", clientSecret),
new("client_id", clientId)
], requestTime, cancellationToken).ConfigureAwait(ConfigureAwaitOptions.None);
}
return new KeycloakAccessToken(accessTokenResponse.AccessToken, now.AddSeconds(accessTokenResponse.ExpiresIn), accessTokenResponse.RefreshToken, now.AddSeconds(accessTokenResponse.RefreshExpiresIn));

if (userName != null)
Task<AccessTokenResponse> GetToken()
{
return await GetToken(url, realm, [
new("grant_type", "password"),
new("username", userName),
new("password", password ?? ""),
new("client_id", "admin-cli")
], requestTime, cancellationToken).ConfigureAwait(ConfigureAwaitOptions.None);
}

throw new ArgumentException($"{nameof(userName)} and {nameof(clientSecret)} must not all be null");
}
if (clientSecret != null)
{
return RetrieveToken([
new("grant_type", "client_credentials"),
new("client_secret", clientSecret),
new("client_id", clientId)
]);
}

private static async Task<KeycloakAccessToken> GetToken(Url url, string realm, IEnumerable<KeyValuePair<string, string>> keyValues, DateTimeOffset requestTime, CancellationToken cancellationToken)
{
var result = await url
.AppendPathSegments("realms", Url.Encode(realm), "protocol/openid-connect/token")
.WithHeader("Content-Type", "application/x-www-form-urlencoded")
.PostUrlEncodedAsync(keyValues, cancellationToken: cancellationToken)
.ReceiveJson<AccessTokenResponse>().ConfigureAwait(ConfigureAwaitOptions.None);
if (userName != null)
{
return RetrieveToken([
new("grant_type", "password"),
new("username", userName),
new("password", password ?? ""),
new("client_id", "admin-cli")
]);
}

if (result is null)
{
throw new ConflictException("result should never be null");
throw new ArgumentException($"{nameof(userName)} and {nameof(clientSecret)} must not all be null");
}

return new KeycloakAccessToken(result.AccessToken, requestTime.AddSeconds(result.ExpiresIn), result.RefreshToken, requestTime.AddSeconds(result.RefreshExpiresIn));
Task<AccessTokenResponse> RefreshToken() =>
token.RefreshExpiryTime > now
? RetrieveToken([
new("grant_type", "refresh_token"),
new("refresh_token", token.RefreshToken),
new("client_id", clientId)
])
: GetToken();

Task<AccessTokenResponse> RetrieveToken(IEnumerable<KeyValuePair<string, string>> keyValues) =>
url
.AppendPathSegments("realms", Url.Encode(realm), "protocol/openid-connect/token")
.WithHeader("Content-Type", "application/x-www-form-urlencoded")
.PostUrlEncodedAsync(keyValues, cancellationToken: cancellationToken)
.ReceiveJson<AccessTokenResponse>();
}

private record AccessTokenResponse(
private sealed record AccessTokenResponse(
[property: JsonPropertyName("access_token")] string AccessToken,
[property: JsonPropertyName("expires_in")] int ExpiresIn,
[property: JsonPropertyName("refresh_token")] string RefreshToken,
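Review bot: In the local `RefreshToken`, the refresh request is sent with `new("client_id", clientId)`, while the password branch of the local `GetToken` obtains its token with the hard-coded `new("client_id", "admin-cli")`. A refresh token is bound to the client it was issued to (RFC 6749, section 6), so when a caller passes `userName` together with a `clientId` other than admin-cli, the server will presumably reject the refresh, and the exception propagates instead of falling back to a fresh login. Either send the same client id in both requests or record the issuing client on `KeycloakAccessToken`; at minimum add a comment such as `// password grant always uses admin-cli; refresh must present the same client_id`. The signature of `GetAccessToken` appears only in the hunk header, and the `AccessTokenResponse` record continues past the end of the hunk.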