Merge pull request #119 from deploymenttheory/dev

large refactor to decouple componants within the httpclient into dist…

Author: ShocOne

apiintegrations/apihandler/apihandler.go

@@ -0,0 +1,58 @@
+// apiintegrations/apihandler/apihandler.go
+package apihandler
+
+import (
+	"net/http"
+
+	"github.com/deploymenttheory/go-api-http-client/apiintegrations/jamfpro"
+	"github.com/deploymenttheory/go-api-http-client/apiintegrations/msgraph"
+	"github.com/deploymenttheory/go-api-http-client/logger"
+	"go.uber.org/zap"
+)
+
+// APIHandler is an interface for encoding, decoding, and implenting contexual api functions for different API implementations.
+// It encapsulates behavior for encoding and decoding requests and responses.
+type APIHandler interface {
+	ConstructAPIResourceEndpoint(instanceName string, endpointPath string, log logger.Logger) string
+	ConstructAPIAuthEndpoint(instanceName string, endpointPath string, log logger.Logger) string
+	MarshalRequest(body interface{}, method string, endpoint string, log logger.Logger) ([]byte, error)
+	MarshalMultipartRequest(fields map[string]string, files map[string]string, log logger.Logger) ([]byte, string, error)
+	HandleAPISuccessResponse(resp *http.Response, out interface{}, log logger.Logger) error
+	HandleAPIErrorResponse(resp *http.Response, out interface{}, log logger.Logger) error
+	GetContentTypeHeader(method string, log logger.Logger) string
+	GetAcceptHeader() string
+	GetDefaultBaseDomain() string
+	GetOAuthTokenEndpoint() string
+	GetBearerTokenEndpoint() string
+	GetTokenRefreshEndpoint() string
+	GetTokenInvalidateEndpoint() string
+	GetAPIBearerTokenAuthenticationSupportStatus() bool
+	GetAPIOAuthAuthenticationSupportStatus() bool
+	GetAPIOAuthWithCertAuthenticationSupportStatus() bool
+	GetAPIRequestHeaders(endpoint string) map[string]string // Provides standard headers required for making API requests.
+}
+
+// LoadAPIHandler returns an APIHandler based on the provided API type.
+// 'apiType' parameter could be "jamf" or "graph" to specify which API handler to load.
+func LoadAPIHandler(apiType string, log logger.Logger) (APIHandler, error) {
+	var apiHandler APIHandler
+	switch apiType {
+	case "jamfpro":
+		apiHandler = &jamfpro.JamfAPIHandler{
+			Logger: log,
+			// Initialize with necessary parameters
+		}
+		log.Info("API handler loaded successfully", zap.String("APIType", apiType))
+
+	case "msgraph":
+		apiHandler = &msgraph.GraphAPIHandler{
+			// Initialize with necessary parameters
+		}
+		log.Info("API handler loaded successfully", zap.String("APIType", apiType))
+
+	default:
+		return nil, log.Error("Unsupported API type", zap.String("APIType", apiType))
+	}
+
+	return apiHandler, nil
+}

apiintegrations/apihandler/apihandler_test.go

@@ -0,0 +1,68 @@
+// apiintegrations/apihandler/apihandler_test.go
+package apihandler
+
+import (
+	"testing"
+
+	"github.com/deploymenttheory/go-api-http-client/apiintegrations/jamfpro"
+	"github.com/deploymenttheory/go-api-http-client/apiintegrations/msgraph"
+	"github.com/deploymenttheory/go-api-http-client/mocklogger"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/mock"
+)
+
+func TestLoadAPIHandler(t *testing.T) {
+	// Create a mock logger for testing purposes.
+	mockLog := mocklogger.NewMockLogger()
+
+	// Define your test cases.
+	tests := []struct {
+		name     string
+		apiType  string
+		wantType interface{}
+		wantErr  bool
+	}{
+		{
+			name:     "Load JamfPro Handler",
+			apiType:  "jamfpro",
+			wantType: &jamfpro.JamfAPIHandler{},
+			wantErr:  false,
+		},
+		{
+			name:     "Load Graph Handler",
+			apiType:  "msgraph",
+			wantType: &msgraph.GraphAPIHandler{},
+			wantErr:  false,
+		},
+		{
+			name:    "Unsupported API Type",
+			apiType: "unknown",
+			wantErr: true,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Setup expectations for the mock logger based on whether an error is expected.
+			if tt.wantErr {
+				mockLog.On("Error", mock.Anything, mock.Anything, mock.Anything).Return().Once()
+			} else {
+				mockLog.On("Info", mock.Anything, mock.Anything, mock.Anything).Return().Once()
+			}
+
+			// Attempt to load the API handler.
+			got, err := LoadAPIHandler(tt.apiType, mockLog)
+
+			// Assert error handling.
+			if tt.wantErr {
+				assert.Error(t, err)
+			} else {
+				assert.NoError(t, err)
+				assert.IsType(t, tt.wantType, got, "Got %T, want %T", got, tt.wantType)
+			}
+
+			// Assert that the mock logger's expectations were met.
+			mockLog.AssertExpectations(t)
+		})
+	}
+}

apihandlers/github/github_api_handler.go renamed to apiintegrations/github/github_api_handler.go

@@ -0,0 +1,108 @@
+// authenticationhandler/auth_bearer_token.go
+/* The http_client_auth package focuses on authentication mechanisms for an HTTP client.
+It provides structures and methods for handling both basic and bearer token based authentication
+*/
+
+package authenticationhandler
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/deploymenttheory/go-api-http-client/apiintegrations/apihandler"
+	"go.uber.org/zap"
+)
+
+// ObtainToken fetches and sets an authentication token using the stored basic authentication credentials.
+func (h *AuthTokenHandler) ObtainToken(apiHandler apihandler.APIHandler, httpClient *http.Client, username string, password string) error {
+
+	// Use the APIHandler's method to get the bearer token endpoint
+	bearerTokenEndpoint := apiHandler.GetBearerTokenEndpoint()
+
+	// Construct the full authentication endpoint URL
+	authenticationEndpoint := apiHandler.ConstructAPIAuthEndpoint(h.InstanceName, bearerTokenEndpoint, h.Logger)
+
+	h.Logger.Debug("Attempting to obtain token for user", zap.String("Username", username))
+
+	req, err := http.NewRequest("POST", authenticationEndpoint, nil)
+	if err != nil {
+		h.Logger.LogError("authentication_request_creation_error", "POST", authenticationEndpoint, 0, "", err, "Failed to create new request for token")
+		return err
+	}
+	req.SetBasicAuth(username, password)
+
+	resp, err := httpClient.Do(req)
+	if err != nil {
+		h.Logger.LogError("authentication_request_error", "POST", authenticationEndpoint, resp.StatusCode, resp.Status, err, "Failed to make request for token")
+		return err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		h.Logger.LogError("token_authentication_failed", "POST", authenticationEndpoint, resp.StatusCode, resp.Status, fmt.Errorf("authentication failed with status code: %d", resp.StatusCode), "Token acquisition attempt resulted in a non-OK response")
+		return fmt.Errorf("received non-OK response status: %d", resp.StatusCode)
+	}
+
+	tokenResp := &TokenResponse{}
+	err = json.NewDecoder(resp.Body).Decode(tokenResp)
+	if err != nil {
+		h.Logger.Error("Failed to decode token response", zap.Error(err))
+		return err
+	}
+
+	h.Token = tokenResp.Token
+	h.Expires = tokenResp.Expires
+	tokenDuration := time.Until(h.Expires)
+
+	h.Logger.Info("Token obtained successfully", zap.Time("Expiry", h.Expires), zap.Duration("Duration", tokenDuration))
+
+	return nil
+}
+
+// RefreshToken refreshes the current authentication token.
+func (h *AuthTokenHandler) RefreshToken(apiHandler apihandler.APIHandler, httpClient *http.Client) error {
+	h.tokenLock.Lock()
+	defer h.tokenLock.Unlock()
+
+	// Use the APIHandler's method to get the token refresh endpoint
+	apiTokenRefreshEndpoint := apiHandler.GetTokenRefreshEndpoint()
+
+	// Construct the full authentication endpoint URL
+	tokenRefreshEndpoint := apiHandler.ConstructAPIAuthEndpoint(h.InstanceName, apiTokenRefreshEndpoint, h.Logger)
+
+	h.Logger.Debug("Attempting to refresh token", zap.String("URL", tokenRefreshEndpoint))
+
+	req, err := http.NewRequest("POST", tokenRefreshEndpoint, nil)
+	if err != nil {
+		h.Logger.Error("Failed to create new request for token refresh", zap.Error(err))
+		return err
+	}
+	req.Header.Add("Authorization", "Bearer "+h.Token)
+
+	resp, err := httpClient.Do(req)
+	if err != nil {
+		h.Logger.Error("Failed to make request for token refresh", zap.Error(err))
+		return err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		h.Logger.Warn("Token refresh response status is not OK", zap.Int("StatusCode", resp.StatusCode))
+		return fmt.Errorf("token refresh failed with status code: %d", resp.StatusCode)
+	}
+
+	tokenResp := &TokenResponse{}
+	err = json.NewDecoder(resp.Body).Decode(tokenResp)
+	if err != nil {
+		h.Logger.Error("Failed to decode token response", zap.Error(err))
+		return err
+	}
+
+	h.Token = tokenResp.Token
+	h.Expires = tokenResp.Expires
+	h.Logger.Info("Token refreshed successfully", zap.Time("Expiry", tokenResp.Expires))
+
+	return nil
+}

apihandlers/github/github_api_handler_constants.go renamed to apiintegrations/github/github_api_handler_constants.go

@@ -0,0 +1,47 @@
+// authenticationhandler/auth_handler.go
+
+package authenticationhandler
+
+import (
+	"sync"
+	"time"
+
+	"github.com/deploymenttheory/go-api-http-client/logger"
+)
+
+// AuthTokenHandler manages authentication tokens.
+type AuthTokenHandler struct {
+	Credentials       ClientCredentials // Credentials holds the authentication credentials.
+	Token             string            // Token holds the current authentication token.
+	Expires           time.Time         // Expires indicates the expiry time of the current authentication token.
+	Logger            logger.Logger     // Logger provides structured logging capabilities for logging information, warnings, and errors.
+	AuthMethod        string            // AuthMethod specifies the method of authentication, e.g., "bearer" or "oauth".
+	InstanceName      string            // InstanceName represents the name of the instance or environment the client is interacting with.
+	tokenLock         sync.Mutex        // tokenLock ensures thread-safe access to the token and its expiry to prevent concurrent write/read issues.
+	HideSensitiveData bool
+}
+
+// ClientCredentials holds the credentials necessary for authentication.
+type ClientCredentials struct {
+	Username     string
+	Password     string
+	ClientID     string
+	ClientSecret string
+}
+
+// TokenResponse represents the structure of a token response from the API.
+type TokenResponse struct {
+	Token   string    `json:"token"`
+	Expires time.Time `json:"expires"`
+}
+
+// NewAuthTokenHandler creates a new instance of AuthTokenHandler.
+func NewAuthTokenHandler(logger logger.Logger, authMethod string, credentials ClientCredentials, instanceName string, hideSensitiveData bool) *AuthTokenHandler {
+	return &AuthTokenHandler{
+		Logger:            logger,
+		AuthMethod:        authMethod,
+		Credentials:       credentials,
+		InstanceName:      instanceName,
+		HideSensitiveData: hideSensitiveData,
+	}
+}

apihandlers/jamfpro/README.MD renamed to apiintegrations/jamfpro/README.MD

@@ -0,0 +1,100 @@
+// authenticationhandler/auth_oauth.go
+
+/* The http_client_auth package focuses on authentication mechanisms for an HTTP client.
+It provides structures and methods for handling OAuth-based authentication
+*/
+
+package authenticationhandler
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/deploymenttheory/go-api-http-client/apiintegrations/apihandler"
+	"github.com/deploymenttheory/go-api-http-client/headers"
+	"go.uber.org/zap"
+)
+
+// OAuthResponse represents the response structure when obtaining an OAuth access token.
+type OAuthResponse struct {
+	AccessToken  string `json:"access_token"`            // AccessToken is the token that can be used in subsequent requests for authentication.
+	ExpiresIn    int64  `json:"expires_in"`              // ExpiresIn specifies the duration in seconds after which the access token expires.
+	TokenType    string `json:"token_type"`              // TokenType indicates the type of token, typically "Bearer".
+	RefreshToken string `json:"refresh_token,omitempty"` // RefreshToken is used to obtain a new access token when the current one expires.
+	Error        string `json:"error,omitempty"`         // Error contains details if an error occurs during the token acquisition process.
+}
+
+// ObtainOAuthToken fetches an OAuth access token using the provided client ID and client secret.
+// It updates the AuthTokenHandler's Token and Expires fields with the obtained values.
+func (h *AuthTokenHandler) ObtainOAuthToken(apiHandler apihandler.APIHandler, httpClient *http.Client, clientID, clientSecret string) error {
+	// Use the APIHandler's method to get the OAuth token endpoint
+	oauthTokenEndpoint := apiHandler.GetOAuthTokenEndpoint()
+
+	// Construct the full authentication endpoint URL
+	authenticationEndpoint := apiHandler.ConstructAPIAuthEndpoint(h.InstanceName, oauthTokenEndpoint, h.Logger)
+
+	data := url.Values{}
+	data.Set("client_id", clientID)
+	data.Set("client_secret", clientSecret)
+	data.Set("grant_type", "client_credentials")
+
+	h.Logger.Debug("Attempting to obtain OAuth token", zap.String("ClientID", clientID))
+
+	req, err := http.NewRequest("POST", authenticationEndpoint, strings.NewReader(data.Encode()))
+	if err != nil {
+		h.Logger.Error("Failed to create request for OAuth token", zap.Error(err))
+		return err
+	}
+	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
+
+	resp, err := httpClient.Do(req)
+	if err != nil {
+		h.Logger.Error("Failed to execute request for OAuth token", zap.Error(err))
+		return err
+	}
+	defer resp.Body.Close()
+
+	bodyBytes, err := io.ReadAll(resp.Body)
+	if err != nil {
+		h.Logger.Error("Failed to read response body", zap.Error(err))
+		return err
+	}
+
+	// Reset the response body to its original state
+	resp.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
+
+	oauthResp := &OAuthResponse{}
+	err = json.Unmarshal(bodyBytes, oauthResp)
+	if err != nil {
+		h.Logger.Error("Failed to decode OAuth response", zap.Error(err))
+		return err
+	}
+
+	if oauthResp.Error != "" {
+		h.Logger.Error("Error obtaining OAuth token", zap.String("Error", oauthResp.Error))
+		return fmt.Errorf("error obtaining OAuth token: %s", oauthResp.Error)
+	}
+
+	if oauthResp.AccessToken == "" {
+		h.Logger.Error("Empty access token received")
+		return fmt.Errorf("empty access token received")
+	}
+
+	expiresIn := time.Duration(oauthResp.ExpiresIn) * time.Second
+	expirationTime := time.Now().Add(expiresIn)
+
+	// Modified log call using the helper function
+	redactedAccessToken := headers.RedactSensitiveHeaderData(h.HideSensitiveData, "AccessToken", oauthResp.AccessToken)
+	h.Logger.Info("OAuth token obtained successfully", zap.String("AccessToken", redactedAccessToken), zap.Duration("ExpiresIn", expiresIn), zap.Time("ExpirationTime", expirationTime))
+
+	h.Token = oauthResp.AccessToken
+	h.Expires = expirationTime
+
+	return nil
+}