chore(google-one-tap): Use monadic errors when parsing token

AshCorr · AshCorr · commit 9bede794dd3c · 2025-09-11T16:09:18.000+01:00
diff --git a/dotcom-rendering/src/components/GoogleOneTap.importable.tsx b/dotcom-rendering/src/components/GoogleOneTap.importable.tsx
@@ -2,6 +2,7 @@ import type { CountryCode } from '@guardian/libs';
 import { log } from '@guardian/libs';
 import type { TAction, TComponentType } from '@guardian/ophan-tracker-js';
 import { submitComponentEvent } from '../client/ophan/ophan';
+import { error, ok, okOrThrow, Result } from '../lib/result';
 import { useIsSignedIn } from '../lib/useAuthStatus';
 import { useConsent } from '../lib/useConsent';
 import { useCountryCode } from '../lib/useCountryCode';
@@ -59,13 +60,19 @@ const getStage = (hostname: string): StageType => {
  * @param token A JWT Token
  * @returns extracted email address
  */
-export const extractEmailFromToken = (token: string): string | undefined => {
+export const extractEmailFromToken = (
+	token: string,
+): Result<'ParsingError', string> => {
 	const payload = token.split('.')[1];
-	if (!payload) return;
-	const decoded = atob(payload);
-	const parsed = JSON.parse(decoded) as Record<string, unknown>;
-	if (typeof parsed.email !== 'string') return;
-	return parsed.email;
+	if (!payload) return error('ParsingError');
+	try {
+		const decoded = Buffer.from(token, 'base64').toString();
+		const parsed = JSON.parse(decoded) as Record<string, unknown>;
+		if (typeof parsed.email !== 'string') return error('ParsingError');
+		return ok(parsed.email);
+	} catch (e) {
+		return error('ParsingError');
+	}
 };
 
 export const getRedirectUrl = ({
@@ -189,7 +196,7 @@ export const initializeFedCM = async ({
 				providers: getProviders(stage),
 			},
 		})
-		.catch((error) => {
+		.catch((e) => {
 			/**
 			 * The fedcm API hides issues with the user's federated login state
 			 * behind a generic NetworkError. This error is thrown up to 60
@@ -207,7 +214,7 @@ export const initializeFedCM = async ({
 					'FedCM prompt failed, potentially due to user declining',
 				);
 			} else {
-				throw error;
+				throw e;
 			}
 		});
 
@@ -216,16 +223,10 @@ export const initializeFedCM = async ({
 			credentials,
 		});
 
-		const signInEmail = extractEmailFromToken(credentials.token);
-		if (signInEmail) {
-			log('identity', `FedCM ID token for ${signInEmail} received`);
-		} else {
-			log(
-				'identity',
-				'FedCM token received but email could not be extracted from token',
-			);
-			return;
-		}
+		const signInEmail = okOrThrow(
+			extractEmailFromToken(credentials.token),
+			'Failed to extract email from FedCM token',
+		);
 
 		await submitComponentEvent(
 			{
