Simplify CallRouterRedirect.kt

Author: YektaDev

oauth2-server-core/src/main/java/nl/myndocs/oauth2/grant/CallRouterRedirect.kt

@@ -12,41 +12,27 @@ import nl.myndocs.oauth2.token.AccessToken
 import nl.myndocs.oauth2.token.CodeToken
 
 fun GrantingCall.redirect(redirect: RedirectAuthorizationCodeRequest): CodeToken {
-    if (redirect.clientId == null) {
-        throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format("client_id"))
-    }
-
-    if (redirect.username == null) {
-        throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format("username"))
-    }
-
-    if (redirect.password == null) {
-        throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format("password"))
-    }
-    if (redirect.redirectUri == null) {
-        throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format("redirect_uri"))
-    }
-
-    val clientOf = clientService.clientOf(redirect.clientId) ?: throw InvalidClientException()
+    checkMissingFields(redirect)
 
+    val clientOf = clientService.clientOf(redirect.clientId!!) ?: throw InvalidClientException()
     if (!clientOf.redirectUris.contains(redirect.redirectUri)) {
         throw InvalidGrantException("invalid 'redirect_uri'")
     }
 
-    val authorizedGrantType = AuthorizedGrantType.AUTHORIZATION_CODE
-    if (!clientOf.authorizedGrantTypes.contains(authorizedGrantType)) {
-        throw InvalidGrantException("Authorize not allowed: '$authorizedGrantType'")
+    with(AuthorizedGrantType.AUTHORIZATION_CODE) {
+        if (!clientOf.authorizedGrantTypes.contains(this)) {
+            throw InvalidGrantException("Authorize not allowed: '$this'")
+        }
     }
 
-    val identityOf = identityService.identityOf(clientOf, redirect.username) ?: throw InvalidIdentityException()
-    val validIdentity = identityService.validCredentials(clientOf, identityOf, redirect.password)
+    val identityOf = identityService.identityOf(clientOf, redirect.username!!) ?: throw InvalidIdentityException()
 
+    val validIdentity = identityService.validCredentials(clientOf, identityOf, redirect.password!!)
     if (!validIdentity) {
         throw InvalidIdentityException()
     }
 
     var requestedScopes = ScopeParser.parseScopes(redirect.scope)
-
     if (redirect.scope == null) {
         requestedScopes = clientOf.clientScopes
     }
@@ -56,7 +42,7 @@ fun GrantingCall.redirect(redirect: RedirectAuthorizationCodeRequest): CodeToken
     val codeToken = converters.codeTokenConverter.convertToToken(
         identityOf,
         clientOf.clientId,
-        redirect.redirectUri,
+        redirect.redirectUri!!,
         requestedScopes
     )
 
@@ -66,42 +52,27 @@ fun GrantingCall.redirect(redirect: RedirectAuthorizationCodeRequest): CodeToken
 }
 
 fun GrantingCall.redirect(redirect: RedirectTokenRequest): AccessToken {
-    if (redirect.clientId == null) {
-        throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format("client_id"))
-    }
-
-    if (redirect.username == null) {
-        throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format("username"))
-    }
-
-    if (redirect.password == null) {
-        throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format("password"))
-    }
-    if (redirect.redirectUri == null) {
-        throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format("redirect_uri"))
-    }
-
-    val clientOf = clientService.clientOf(redirect.clientId) ?: throw InvalidClientException()
+    checkMissingFields(redirect)
 
+    val clientOf = clientService.clientOf(redirect.clientId!!) ?: throw InvalidClientException()
     if (!clientOf.redirectUris.contains(redirect.redirectUri)) {
         throw InvalidGrantException("invalid 'redirect_uri'")
     }
 
-    val authorizedGrantType = AuthorizedGrantType.IMPLICIT
-    if (!clientOf.authorizedGrantTypes.contains(authorizedGrantType)) {
-        throw InvalidGrantException("Authorize not allowed: '$authorizedGrantType'")
+    with(AuthorizedGrantType.IMPLICIT) {
+        if (!clientOf.authorizedGrantTypes.contains(this)) {
+            throw InvalidGrantException("Authorize not allowed: '$this'")
+        }
     }
 
-    val identityOf = identityService.identityOf(clientOf, redirect.username) ?: throw InvalidIdentityException()
-
-    val validIdentity = identityService.validCredentials(clientOf, identityOf, redirect.password)
+    val identityOf = identityService.identityOf(clientOf, redirect.username!!) ?: throw InvalidIdentityException()
 
+    val validIdentity = identityService.validCredentials(clientOf, identityOf, redirect.password!!)
     if (!validIdentity) {
         throw InvalidIdentityException()
     }
 
     var requestedScopes = ScopeParser.parseScopes(redirect.scope)
-
     if (redirect.scope == null) {
         // @TODO: This behavior is not in the spec and should be configurable https://tools.ietf.org/html/rfc6749#section-3.3
         requestedScopes = clientOf.clientScopes
@@ -120,3 +91,26 @@ fun GrantingCall.redirect(redirect: RedirectTokenRequest): AccessToken {
 
     return accessToken
 }
+
+private fun throwMissingField(field: String): Nothing =
+    throw InvalidRequestException(INVALID_REQUEST_FIELD_MESSAGE.format(field))
+
+private fun checkMissingFields(redirect: RedirectTokenRequest) = with(redirect) {
+    when {
+        clientId == null -> throwMissingField("client_id")
+        username == null -> throwMissingField("username")
+        password == null -> throwMissingField("password")
+        redirectUri == null -> throwMissingField("redirect_uri")
+        else -> this
+    }
+}
+
+private fun checkMissingFields(redirect: RedirectAuthorizationCodeRequest) = with(redirect) {
+    when {
+        clientId == null -> throwMissingField("client_id")
+        username == null -> throwMissingField("username")
+        password == null -> throwMissingField("password")
+        redirectUri == null -> throwMissingField("redirect_uri")
+        else -> this
+    }
+}