refactor social login flow

2 files changed, 38 insertions, 64 deletions

diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java
index 75fd6d11..be306fe9 100644
--- a/src/main/java/com/juick/server/api/ApiSocialLogin.java
+++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java
@@ -82,6 +82,7 @@ public class ApiSocialLogin {
     @Inject
     private ObjectMapper jsonMapper;
     private ServiceBuilder facebookBuilder, twitterBuilder, vkBuilder;
+    private OAuth20Service facebookAuthService, vkAuthService;
 
     @Value("${twitter_consumer_key:appid}")
     private String twitterConsumerKey;
@@ -117,6 +118,16 @@ public class ApiSocialLogin {
         verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
                 .setAudience(Collections.singletonList(googleClientId))
                 .build();
+        facebookAuthService = facebookBuilder
+                .apiSecret(FACEBOOK_SECRET)
+                .callback(FACEBOOK_REDIRECT)
+                .scope("email")
+                .build(FacebookApi.instance());
+        vkAuthService = vkBuilder
+                .apiSecret(VK_SECRET)
+                .scope("friends,wall,offline")
+                .callback(VK_REDIRECT)
+                .build(VkontakteApi.instance());
     }
 
     @GetMapping("/api/_fblogin")
@@ -125,13 +136,7 @@ public class ApiSocialLogin {
         if (StringUtils.isBlank(code)) {
             String fbstate = UUID.randomUUID().toString();
             crosspostService.addFacebookState(fbstate, state);
-            OAuth20Service facebookAuthService = facebookBuilder
-                    .apiSecret(FACEBOOK_SECRET)
-                    .callback(FACEBOOK_REDIRECT)
-                    .scope("email")
-                    .state(fbstate)
-                    .build(FacebookApi.instance());
-            return "redirect:" + facebookAuthService.getAuthorizationUrl();
+            return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
         }
 
         String redirectUrl = crosspostService.verifyFacebookState(state);
@@ -140,17 +145,10 @@ public class ApiSocialLogin {
             logger.error("state is missing");
             throw new HttpBadRequestException();
         }
-        OAuth20Service facebookService = facebookBuilder
-                .apiKey(FACEBOOK_APPID)
-                .apiSecret(FACEBOOK_SECRET)
-                .callback(FACEBOOK_REDIRECT)
-                .scope("email")
-                .state(state)
-                .build(FacebookApi.instance());
-        OAuth2AccessToken token = facebookService.getAccessToken(code);
+        OAuth2AccessToken token = facebookAuthService.getAccessToken(code);
         final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,email");
-        facebookService.signRequest(token, meRequest);
-        String graph = facebookService.execute(meRequest).getBody();
+        facebookAuthService.signRequest(token, meRequest);
+        String graph = facebookAuthService.execute(meRequest).getBody();
         if (StringUtils.isBlank(graph)) {
             logger.error("FACEBOOK GRAPH ERROR");
             throw new HttpBadRequestException();
@@ -241,13 +239,7 @@ public class ApiSocialLogin {
         if (StringUtils.isBlank(code)) {
             String vkstate = UUID.randomUUID().toString();
             crosspostService.addVKState(vkstate, state);
-            OAuth20Service vkAuthService = vkBuilder
-                    .apiSecret(VK_SECRET)
-                    .scope("friends,wall,offline")
-                    .state(vkstate)
-                    .callback(VK_REDIRECT)
-                    .build(VkontakteApi.instance());
-            return "redirect:" + vkAuthService.getAuthorizationUrl();
+            return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate);
         }
 
         String redirectUrl = crosspostService.verifyVKState(state);
@@ -255,16 +247,11 @@ public class ApiSocialLogin {
             logger.error("state is missing");
             throw new HttpBadRequestException();
         }
-
-        OAuth20Service vkService = vkBuilder
-                .apiKey(VK_APPID)
-                .apiSecret(VK_SECRET)
-                .build(VkontakteApi.instance());
-        OAuth2AccessToken token = vkService.getAccessToken(code);
+        OAuth2AccessToken token = vkAuthService.getAccessToken(code);
 
         OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
-        vkService.signRequest(token, meRequest);
-        String graph = vkService.execute(meRequest).getBody();
+        vkAuthService.signRequest(token, meRequest);
+        String graph = vkAuthService.execute(meRequest).getBody();
 
         com.juick.model.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
         String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
diff --git a/src/main/java/com/juick/server/www/controllers/SocialLogin.java b/src/main/java/com/juick/server/www/controllers/SocialLogin.java
index b071b6ca..59b1ec0b 100644
--- a/src/main/java/com/juick/server/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/server/www/controllers/SocialLogin.java
@@ -79,6 +79,7 @@ public class SocialLogin {
     @Inject
     private ObjectMapper jsonMapper;
     private ServiceBuilder facebookBuilder, twitterBuilder, vkBuilder;
+    private OAuth20Service facebookAuthService, vkAuthService;
 
     @Value("${twitter_consumer_key:appid}")
     private String twitterConsumerKey;
@@ -107,6 +108,16 @@ public class SocialLogin {
         vkBuilder = new ServiceBuilder(VK_APPID);
         UriComponentsBuilder facebookRedirectBuilder = UriComponentsBuilder.fromUriString(baseUri);
         facebookRedirectUri = facebookRedirectBuilder.replacePath("/_fblogin").build().toUriString();
+        facebookAuthService = facebookBuilder
+                .apiSecret(FACEBOOK_SECRET)
+                .callback(facebookRedirectUri)
+                .scope("email")
+                .build(FacebookApi.instance());
+        vkAuthService = vkBuilder
+                .apiSecret(VK_SECRET)
+                .scope("friends,wall,offline")
+                .callback(VK_REDIRECT)
+                .build(VkontakteApi.instance());
     }
 
     @GetMapping("/_fblogin")
@@ -120,13 +131,7 @@ public class SocialLogin {
                 state = Utils.getPreviousPageByRequest(request).orElse("https://juick.com/");
             }
             crosspostService.addFacebookState(fbstate, state);
-            OAuth20Service facebookAuthService = facebookBuilder
-                    .apiSecret(FACEBOOK_SECRET)
-                    .callback(facebookRedirectUri)
-                    .scope("email")
-                    .state(fbstate)
-                    .build(FacebookApi.instance());
-            return "redirect:" + facebookAuthService.getAuthorizationUrl();
+            return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
         }
 
         String redirectUrl = crosspostService.verifyFacebookState(state);
@@ -134,17 +139,10 @@ public class SocialLogin {
             logger.error("state is missing");
             throw new HttpBadRequestException();
         }
-        OAuth20Service facebookService = facebookBuilder
-                .apiKey(FACEBOOK_APPID)
-                .apiSecret(FACEBOOK_SECRET)
-                .callback(facebookRedirectUri)
-                .scope("email")
-                .state(state)
-                .build(FacebookApi.instance());
-        OAuth2AccessToken token = facebookService.getAccessToken(code);
+        OAuth2AccessToken token = facebookAuthService.getAccessToken(code);
         final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,link,verified,email");
-        facebookService.signRequest(token, meRequest);
-        String graph = facebookService.execute(meRequest).getBody();
+        facebookAuthService.signRequest(token, meRequest);
+        String graph = facebookAuthService.execute(meRequest).getBody();
         if (StringUtils.isBlank(graph)) {
             logger.error("FACEBOOK GRAPH ERROR");
             throw new HttpBadRequestException();
@@ -240,13 +238,7 @@ public class SocialLogin {
             vkstate = UUID.randomUUID().toString();
             Cookie c = new Cookie("vkstate", vkstate);
             response.addCookie(c);
-            OAuth20Service vkAuthService = vkBuilder
-                    .apiSecret(VK_SECRET)
-                    .scope("friends,wall,offline")
-                    .state(vkstate)
-                    .callback(VK_REDIRECT)
-                    .build(VkontakteApi.instance());
-            return "redirect:" + vkAuthService.getAuthorizationUrl();
+            return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate);
         }
 
         if (StringUtils.isBlank(vkstate) || !vkstate.equals(state)) {
@@ -256,16 +248,11 @@ public class SocialLogin {
             c.setMaxAge(0);
             response.addCookie(c);
         }
-
-        OAuth20Service vkService = vkBuilder
-                .apiKey(VK_APPID)
-                .apiSecret(VK_SECRET)
-                .build(VkontakteApi.instance());
-        OAuth2AccessToken token = vkService.getAccessToken(code);
+        OAuth2AccessToken token = vkAuthService.getAccessToken(code);
 
         OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
-        vkService.signRequest(token, meRequest);
-        String graph = vkService.execute(meRequest).getBody();
+        vkAuthService.signRequest(token, meRequest);
+        String graph = vkAuthService.execute(meRequest).getBody();
 
         com.juick.model.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
         String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();