From 1eed5a8f1053f87b10cb3410e477792075d7f3e4 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Tue, 19 Feb 2019 10:23:07 +0300
Subject: refactor social login flow
---
 .../java/com/juick/server/api/ApiSocialLogin.java | 51 ++++++++--------------
 1 file changed, 19 insertions(+), 32 deletions(-)
(limited to 'src/main/java/com/juick/server/api/ApiSocialLogin.java')
diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java
index 75fd6d11..be306fe9 100644
--- a/src/main/java/com/juick/server/api/ApiSocialLogin.java
+++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java
@@ -82,6 +82,7 @@ public class ApiSocialLogin {
 @Inject
 private ObjectMapper jsonMapper;
 private ServiceBuilder facebookBuilder, twitterBuilder, vkBuilder;
+ private OAuth20Service facebookAuthService, vkAuthService;
 @Value("${twitter_consumer_key:appid}")
 private String twitterConsumerKey;
@@ -117,6 +118,16 @@ public class ApiSocialLogin {
 verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
 .setAudience(Collections.singletonList(googleClientId))
 .build();
+ facebookAuthService = facebookBuilder
+ .apiSecret(FACEBOOK_SECRET)
+ .callback(FACEBOOK_REDIRECT)
+ .scope("email")
+ .build(FacebookApi.instance());
+ vkAuthService = vkBuilder
+ .apiSecret(VK_SECRET)
+ .scope("friends,wall,offline")
+ .callback(VK_REDIRECT)
+ .build(VkontakteApi.instance());
 }
 @GetMapping("/api/_fblogin")
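Review bot: The shared `vkAuthService` built in the `+118,16` hunk requests `friends,wall,offline` on every authorization, while the only VK call visible in this commit is `users.get?fields=screen_name`. If the token is also kept for crossposting (that code is outside this diff) `wall` and `offline` may be justified, but `friends` has no visible consumer; I would trim the scope to what is actually used and record the reason above the builder, e.g. `// wall,offline: token is reused for crossposting; nothing else is requested`. The enclosing init method starts above the hunk, so I cannot see how `facebookBuilder` and `vkBuilder` are constructed, or whether the app id is already set on them now that the explicit `.apiKey(...)` calls are gone from the callback paths; that is worth confirming.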
@@ -125,13 +136,7 @@ public class ApiSocialLogin {
 if (StringUtils.isBlank(code)) {
 String fbstate = UUID.randomUUID().toString();
 crosspostService.addFacebookState(fbstate, state);
- OAuth20Service facebookAuthService = facebookBuilder
- .apiSecret(FACEBOOK_SECRET)
- .callback(FACEBOOK_REDIRECT)
- .scope("email")
- .state(fbstate)
- .build(FacebookApi.instance());
- return "redirect:" + facebookAuthService.getAuthorizationUrl();
+ return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
 }
 String redirectUrl = crosspostService.verifyFacebookState(state);
@@ -140,17 +145,10 @@ public class ApiSocialLogin {
 logger.error("state is missing");
 throw new HttpBadRequestException();
 }
- OAuth20Service facebookService = facebookBuilder
- .apiKey(FACEBOOK_APPID)
- .apiSecret(FACEBOOK_SECRET)
- .callback(FACEBOOK_REDIRECT)
- .scope("email")
- .state(state)
- .build(FacebookApi.instance());
- OAuth2AccessToken token = facebookService.getAccessToken(code);
+ OAuth2AccessToken token = facebookAuthService.getAccessToken(code);
 final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,email");
- facebookService.signRequest(token, meRequest);
- String graph = facebookService.execute(meRequest).getBody();
+ facebookAuthService.signRequest(token, meRequest);
+ String graph = facebookAuthService.execute(meRequest).getBody();
 if (StringUtils.isBlank(graph)) {
 logger.error("FACEBOOK GRAPH ERROR");
 throw new HttpBadRequestException();
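Review bot: In the redirect branch of `_fblogin` (hunk `-125,13`) the generated `fbstate` is stored only through `crosspostService.addFacebookState(fbstate, state)`, and nothing visible ties it to the browser that started the flow, so the callback can confirm that the value exists but not that it was issued to this user agent (login CSRF). I would also keep `fbstate` in the HTTP session or a short-lived `HttpOnly`, `Secure` cookie and compare it on return, and have `verifyFacebookState` consume the entry so that it is single-use; whether it already does is not visible here. The caller-supplied `state` appears to become the post-login redirect target (`String redirectUrl = crosspostService.verifyFacebookState(state)`), so it should be checked against the site's own origins before it is stored, unless the service already does that. The same applies to `vkstate` and `addVKState` in the `-241,13` hunk.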
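Review bot: In the callback path (hunk `-140,17`) any non-blank body returned by `facebookAuthService.execute(meRequest)` is treated as a profile, so a Graph error response, which carries a JSON error body, passes the `StringUtils.isBlank(graph)` check and reaches the parsing code below the hunk. I would keep the response object and reject on status first: `Response meResponse = facebookAuthService.execute(meRequest);` followed by `if (!meResponse.isSuccessful()) { logger.error("FACEBOOK GRAPH ERROR"); throw new HttpBadRequestException(); }`. `getAccessToken(code)` can also fail for a rejected or replayed code, and how that is mapped to an HTTP status is outside the hunk.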
@@ -241,13 +239,7 @@ public class ApiSocialLogin {
 if (StringUtils.isBlank(code)) {
 String vkstate = UUID.randomUUID().toString();
 crosspostService.addVKState(vkstate, state);
- OAuth20Service vkAuthService = vkBuilder
- .apiSecret(VK_SECRET)
- .scope("friends,wall,offline")
- .state(vkstate)
- .callback(VK_REDIRECT)
- .build(VkontakteApi.instance());
- return "redirect:" + vkAuthService.getAuthorizationUrl();
+ return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate);
 }
 String redirectUrl = crosspostService.verifyVKState(state);
@@ -255,16 +247,11 @@ public class ApiSocialLogin {
 logger.error("state is missing");
 throw new HttpBadRequestException();
 }
-
- OAuth20Service vkService = vkBuilder
- .apiKey(VK_APPID)
- .apiSecret(VK_SECRET)
- .build(VkontakteApi.instance());
- OAuth2AccessToken token = vkService.getAccessToken(code);
+ OAuth2AccessToken token = vkAuthService.getAccessToken(code);
 OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
- vkService.signRequest(token, meRequest);
- String graph = vkService.execute(meRequest).getBody();
+ vkAuthService.signRequest(token, meRequest);
+ String graph = vkAuthService.execute(meRequest).getBody();
 com.juick.model.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
 String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
--
cgit v1.2.3
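Review bot: In the VK callback path (hunk `-255,16`) `graph` goes straight into `jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0)` with neither the blank check the Facebook branch has nor a guard on the list. VK API failures are typically reported as an `error` object in the body, in which case `getUsers()` may be null or empty and the request ends in an unhandled exception rather than `HttpBadRequestException`. I would read the list into a local, reject when `StringUtils.isBlank(graph)` or `users == null || users.isEmpty()`, and log and throw `HttpBadRequestException` as the Facebook branch does. The method continues past the end of the hunk, so any handling further down is not visible.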