diff --git a/internal/auth/delivery/http/auth_http.go b/internal/auth/delivery/http/auth_http.go
index 150aad1..2c3b19f 100644
--- a/internal/auth/delivery/http/auth_http.go
+++ b/internal/auth/delivery/http/auth_http.go
@@ -154,11 +154,8 @@ func (h *Handler) handleAuthorize(w http.ResponseWriter, r *http.Request) {
 w.WriteHeader(http.StatusBadRequest)
 web.WriteTemplate(w, &web.ErrorPage{
 BaseOf: baseOf,
- Error: domain.NewError(
- domain.ErrorCodeInvalidClient,
- "requested redirect_uri is not registered on client_id side",
- "",
- ),
+ Error: domain.NewError(domain.ErrorCodeInvalidClient, "requested redirect_uri is not"+
+ " registered on client_id side", ""),
 })
 return
diff --git a/internal/user/delivery/http/user_http.go b/internal/user/delivery/http/user_http.go
index 9e13d2c..7363701 100644
--- a/internal/user/delivery/http/user_http.go
+++ b/internal/user/delivery/http/user_http.go
@@ -58,6 +58,7 @@ func (h *Handler) handleFunc(w http.ResponseWriter, r *http.Request) {
 // WARN(toby3d): If the token is not valid, the endpoint still
 // MUST return a 200 Response.
 _ = encoder.Encode(err) //nolint:errchkjson
+ w.WriteHeader(http.StatusOK)
 return
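Review bot: The added `w.WriteHeader(http.StatusOK)` in handleFunc runs after `encoder.Encode(err)`, so if `encoder` writes straight to `w` (it is created outside this hunk) the response has already started with the implicit 200 and this call only produces net/http's superfluous-WriteHeader log line. That is harmless here, but the next hunk uses the same order with `w.WriteHeader(http.StatusForbidden)`, where the missing-'profile'-scope error would then be delivered with status 200 and a client that checks only the status would read the rejection as success. Set the status before encoding in both places, i.e. move `w.WriteHeader(http.StatusForbidden)` ahead of the Encode call whose arguments close with `))`; that call opens outside the second hunk.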
@@ -70,34 +71,15 @@ func (h *Handler) handleFunc(w http.ResponseWriter, r *http.Request) {
 "token with 'profile' scope is required to view profile data",
 "https://indieauth.net/source/#user-information",
 ))
+ w.WriteHeader(http.StatusForbidden)
 return
 }
- resp := new(UserInformationResponse)
- if userInfo == nil {
- _ = encoder.Encode(resp) //nolint:errchkjson
+ //nolint:errchkjson
+ _ = encoder.Encode(NewUserInformationResponse(userInfo,
+ userInfo.HasEmail() && tkn.Scope.Has(domain.ScopeEmail)))
- return
- }
-
- if userInfo.HasName() {
- resp.Name = userInfo.GetName()
- }
-
- if userInfo.HasURL() {
- resp.URL = userInfo.GetURL().String()
- }
-
- if userInfo.HasPhoto() {
- resp.Photo = userInfo.GetPhoto().String()
- }
-
- if tkn.Scope.Has(domain.ScopeEmail) && userInfo.HasEmail() {
- resp.Email = userInfo.GetEmail().String()
- }
-
- _ = encoder.Encode(resp) //nolint:errchkjson
 w.WriteHeader(http.StatusOK)
 }
diff --git a/internal/user/delivery/http/user_http_schema.go b/internal/user/delivery/http/user_http_schema.go
index 28c8668..358d097 100644
--- a/internal/user/delivery/http/user_http_schema.go
+++ b/internal/user/delivery/http/user_http_schema.go
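Review bot: `userInfo.HasEmail()` is now evaluated at the call site, before the `in == nil` guard inside NewUserInformationResponse can run, whereas the removed code returned an empty response as soon as `userInfo == nil`. Unless HasEmail tolerates a nil receiver (not visible in this diff), a request whose token resolves to no profile would panic the handler instead of returning an empty object. Guard the argument with `userInfo != nil && userInfo.HasEmail() && tkn.Scope.Has(domain.ScopeEmail)`, or pass only the scope check and test `in.HasEmail()` after the nil guard in the constructor. handleFunc begins outside this hunk.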
@@ -1,8 +1,36 @@
 package http
+import "source.toby3d.me/toby3d/auth/internal/domain"
+
 type UserInformationResponse struct {
- Name string `json:"name,omitempty"`
- URL string `json:"url,omitempty"`
- Photo string `json:"photo,omitempty"`
- Email string `json:"email,omitempty"`
+ Name string `json:"name,omitempty"`
+ URL *domain.URL `json:"url,omitempty"`
+ Photo *domain.URL `json:"photo,omitempty"`
+ Email *domain.Email `json:"email,omitempty"`
+}
+
+func NewUserInformationResponse(in *domain.Profile, hasEmail bool) *UserInformationResponse {
+ out := new(UserInformationResponse)
+
+ if in == nil {
+ return out
+ }
+
+ if in.HasName() {
+ out.Name = in.GetName()
+ }
+
+ if in.HasURL() {
+ out.URL = &domain.URL{URL: in.GetURL()}
+ }
+
+ if in.HasPhoto() {
+ out.Photo = &domain.URL{URL: in.GetPhoto()}
+ }
+
+ if hasEmail {
+ out.Email = in.GetEmail()
+ }
+
+ return out
 }
diff --git a/internal/user/delivery/http/user_http_test.go b/internal/user/delivery/http/user_http_test.go
index fe8b3ee..b687964 100644
--- a/internal/user/delivery/http/user_http_test.go
+++ b/internal/user/delivery/http/user_http_test.go
@@ -7,6 +7,7 @@ import (
 "testing"
 "github.com/goccy/go-json"
+ "github.com/google/go-cmp/cmp"
 "source.toby3d.me/toby3d/auth/internal/common"
 "source.toby3d.me/toby3d/auth/internal/domain"
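Review bot: NewUserInformationResponse has no doc comment, and its `if hasEmail` branch copies `in.GetEmail()` without checking `in.HasEmail()`, so whether an address is disclosed rests entirely on the boolean the caller passes. Document that contract on the function, e.g. `// NewUserInformationResponse builds the user information payload from in; Email is copied only when hasEmail is true, which callers must set only for tokens granted the email scope.` The change of URL, Photo and Email from `string` to `*domain.URL` / `*domain.Email` also keeps the wire format only if those types marshal to plain JSON strings, which this diff does not show; an assertion on the encoded body would confirm it.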
@@ -57,14 +58,15 @@ func TestUserInfo(t *testing.T) {
 t.Fatal(err)
 }
- if result.Name != deps.profile.GetName() ||
- result.Photo != deps.profile.GetPhoto().String() {
- t.Errorf("GET /userinfo = %+v, want %+v", result, &delivery.UserInformationResponse{
- Name: deps.profile.GetName(),
- URL: deps.profile.GetURL().String(),
- Photo: deps.profile.GetPhoto().String(),
- Email: deps.profile.GetEmail().String(),
- })
+ exp := &delivery.UserInformationResponse{
+ Name: deps.profile.GetName(),
+ URL: &domain.URL{URL: deps.profile.GetURL()},
+ Photo: &domain.URL{URL: deps.profile.GetPhoto()},
+ Email: deps.profile.GetEmail(),
+ }
+
+ if diff := cmp.Diff(result, exp, cmp.AllowUnexported(domain.URL{}, domain.Email{})); diff != "" {
+ t.Errorf("%s %s = %+v, want %+v", req.Method, req.RequestURI, result, exp)
 }
 }
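Review bot: The `diff` returned by `cmp.Diff` is only compared with `""` and never printed, and `%+v` on `result` and `exp` will show pointer values for the URL, Photo and Email fields rather than their contents, so a failure message says little. Report the diff itself: `t.Errorf("%s %s mismatch (-got +want):\n%s", req.Method, req.RequestURI, diff)`. The visible assertion covers only the case where Email is returned; if no such case exists outside this hunk, one with a token lacking the email scope and an expected empty Email would pin the scope gate in the handler.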