nidus-sync/platform/oauth.go

package platform

import (
	"context"
	"fmt"
	"net/url"
	"time"

	"github.com/Gleipnir-Technology/nidus-sync/config"
	"github.com/Gleipnir-Technology/nidus-sync/db/gen/nidus-sync/arcgis/model"
	queryarcgis "github.com/Gleipnir-Technology/nidus-sync/db/query/arcgis"
	"github.com/Gleipnir-Technology/nidus-sync/platform/oauth"
)

// When there is no oauth for an organization
type NoOAuthForOrg struct{}

func (e NoOAuthForOrg) Error() string { return "No oauth available for organization" }

func GetOAuthForOrg(ctx context.Context, org Organization) (*model.OAuthToken, error) {
	result, err := oauth.GetOAuthForOrg(ctx, org.model)
	if result == nil && err == nil {
		return nil, &NoOAuthForOrg{}
	}
	return result, err
}

func GetOAuthForUser(ctx context.Context, user User) (*model.OAuthToken, error) {
	oauth, err := queryarcgis.OAuthTokenForUser(ctx, int64(user.ID))
	if err != nil {
		if err.Error() == "sql: no rows in result set" {
			return nil, nil
		}
		return nil, err
	}
	return &oauth, nil
}

func HandleOauthAccessCode(ctx context.Context, user User, code string) error {
	form := url.Values{
		"grant_type":   []string{"authorization_code"},
		"code":         []string{code},
		"redirect_uri": []string{config.ArcGISOauthRedirectURL()},
	}

	token, err := oauth.DoTokenRequest(ctx, form)
	if err != nil {
		return fmt.Errorf("Failed to exchange authorization code for token: %w", err)
	}
	accessExpires := oauth.FutureUTCTimestamp(token.ExpiresIn)
	refreshExpires := oauth.FutureUTCTimestamp(token.RefreshTokenExpiresIn)
	setter := model.OAuthToken{
		AccessToken:         token.AccessToken,
		AccessTokenExpires:  accessExpires,
		ArcgisAccountID:     nil,
		ArcgisID:            nil,
		ArcgisLicenseTypeID: nil,
		Created:             time.Now(),
		InvalidatedAt:       nil,
		RefreshToken:        token.RefreshToken,
		RefreshTokenExpires: refreshExpires,
		UserID:              int32(user.ID),
		Username:            token.Username,
	}
	oauth, err := queryarcgis.OAuthTokenInsert(ctx, &setter)
	if err != nil {
		return fmt.Errorf("Failed to save token to database: %w", err)
	}
	go updateArcgisUserData(context.Background(), user.model, &oauth)
	return nil
}
Massive rework of platform layer user/organization The goal of this rework is to make it so I can pass around platform.User instead of a pair of models.Organization and models.User. This is useful for reason I kind of forget now, but it started with working on notifications and ballooned massively from there into refactoring a number of things that were bugging me. This also includes a tiny amount of work on server-side events (SSE). * background stuff lives inside the platform now, which I need for having it push updates through SSE * userfile now lives in the platform, under file, so other platform functions can safely use it * oauth is broken into pieces and inside platform because other stuff was calling it already, but badly. * notifications go into the platform as well 2026-03-12 23:49:16 +00:00			`package platform`

			`import (`
			`"context"`
			`"fmt"`
			`"net/url"`
			`"time"`

			`"github.com/Gleipnir-Technology/nidus-sync/config"`
Port all of the arcgis schema to using jet Have not tested anything at this point, it just compiles. 2026-05-01 17:28:33 +00:00			`"github.com/Gleipnir-Technology/nidus-sync/db/gen/nidus-sync/arcgis/model"`
			`queryarcgis "github.com/Gleipnir-Technology/nidus-sync/db/query/arcgis"`
Massive rework of platform layer user/organization The goal of this rework is to make it so I can pass around platform.User instead of a pair of models.Organization and models.User. This is useful for reason I kind of forget now, but it started with working on notifications and ballooned massively from there into refactoring a number of things that were bugging me. This also includes a tiny amount of work on server-side events (SSE). * background stuff lives inside the platform now, which I need for having it push updates through SSE * userfile now lives in the platform, under file, so other platform functions can safely use it * oauth is broken into pieces and inside platform because other stuff was calling it already, but badly. * notifications go into the platform as well 2026-03-12 23:49:16 +00:00			`"github.com/Gleipnir-Technology/nidus-sync/platform/oauth"`
			`)`

			`// When there is no oauth for an organization`
			`type NoOAuthForOrg struct{}`

			`func (e NoOAuthForOrg) Error() string { return "No oauth available for organization" }`

Port all of the arcgis schema to using jet Have not tested anything at this point, it just compiles. 2026-05-01 17:28:33 +00:00			`func GetOAuthForOrg(ctx context.Context, org Organization) (*model.OAuthToken, error) {`
Massive rework of platform layer user/organization The goal of this rework is to make it so I can pass around platform.User instead of a pair of models.Organization and models.User. This is useful for reason I kind of forget now, but it started with working on notifications and ballooned massively from there into refactoring a number of things that were bugging me. This also includes a tiny amount of work on server-side events (SSE). * background stuff lives inside the platform now, which I need for having it push updates through SSE * userfile now lives in the platform, under file, so other platform functions can safely use it * oauth is broken into pieces and inside platform because other stuff was calling it already, but badly. * notifications go into the platform as well 2026-03-12 23:49:16 +00:00			`result, err := oauth.GetOAuthForOrg(ctx, org.model)`
			`if result == nil && err == nil {`
			`return nil, &NoOAuthForOrg{}`
			`}`
			`return result, err`
			`}`

Port all of the arcgis schema to using jet Have not tested anything at this point, it just compiles. 2026-05-01 17:28:33 +00:00			`func GetOAuthForUser(ctx context.Context, user User) (*model.OAuthToken, error) {`
			`oauth, err := queryarcgis.OAuthTokenForUser(ctx, int64(user.ID))`
Massive rework of platform layer user/organization The goal of this rework is to make it so I can pass around platform.User instead of a pair of models.Organization and models.User. This is useful for reason I kind of forget now, but it started with working on notifications and ballooned massively from there into refactoring a number of things that were bugging me. This also includes a tiny amount of work on server-side events (SSE). * background stuff lives inside the platform now, which I need for having it push updates through SSE * userfile now lives in the platform, under file, so other platform functions can safely use it * oauth is broken into pieces and inside platform because other stuff was calling it already, but badly. * notifications go into the platform as well 2026-03-12 23:49:16 +00:00			`if err != nil {`
			`if err.Error() == "sql: no rows in result set" {`
			`return nil, nil`
			`}`
			`return nil, err`
			`}`
Get back to compiling, but using new jet for publicreport This was an epically long change, and a terrible idea, but it compiles. This was essentially a cascade that came about because I can't blend jet and bob in the same transaction. In for a penny, I guess... 2026-05-07 10:39:17 +00:00			`return &oauth, nil`
Massive rework of platform layer user/organization The goal of this rework is to make it so I can pass around platform.User instead of a pair of models.Organization and models.User. This is useful for reason I kind of forget now, but it started with working on notifications and ballooned massively from there into refactoring a number of things that were bugging me. This also includes a tiny amount of work on server-side events (SSE). * background stuff lives inside the platform now, which I need for having it push updates through SSE * userfile now lives in the platform, under file, so other platform functions can safely use it * oauth is broken into pieces and inside platform because other stuff was calling it already, but badly. * notifications go into the platform as well 2026-03-12 23:49:16 +00:00			`}`

			`func HandleOauthAccessCode(ctx context.Context, user User, code string) error {`
			`form := url.Values{`
			`"grant_type": []string{"authorization_code"},`
			`"code": []string{code},`
			`"redirect_uri": []string{config.ArcGISOauthRedirectURL()},`
			`}`

			`token, err := oauth.DoTokenRequest(ctx, form)`
			`if err != nil {`
			`return fmt.Errorf("Failed to exchange authorization code for token: %w", err)`
			`}`
			`accessExpires := oauth.FutureUTCTimestamp(token.ExpiresIn)`
			`refreshExpires := oauth.FutureUTCTimestamp(token.RefreshTokenExpiresIn)`
Port all of the arcgis schema to using jet Have not tested anything at this point, it just compiles. 2026-05-01 17:28:33 +00:00			`setter := model.OAuthToken{`
			`AccessToken: token.AccessToken,`
			`AccessTokenExpires: accessExpires,`
			`ArcgisAccountID: nil,`
			`ArcgisID: nil,`
			`ArcgisLicenseTypeID: nil,`
			`Created: time.Now(),`
			`InvalidatedAt: nil,`
			`RefreshToken: token.RefreshToken,`
			`RefreshTokenExpires: refreshExpires,`
			`UserID: int32(user.ID),`
			`Username: token.Username,`
Massive rework of platform layer user/organization The goal of this rework is to make it so I can pass around platform.User instead of a pair of models.Organization and models.User. This is useful for reason I kind of forget now, but it started with working on notifications and ballooned massively from there into refactoring a number of things that were bugging me. This also includes a tiny amount of work on server-side events (SSE). * background stuff lives inside the platform now, which I need for having it push updates through SSE * userfile now lives in the platform, under file, so other platform functions can safely use it * oauth is broken into pieces and inside platform because other stuff was calling it already, but badly. * notifications go into the platform as well 2026-03-12 23:49:16 +00:00			`}`
Port all of the arcgis schema to using jet Have not tested anything at this point, it just compiles. 2026-05-01 17:28:33 +00:00			`oauth, err := queryarcgis.OAuthTokenInsert(ctx, &setter)`
Massive rework of platform layer user/organization The goal of this rework is to make it so I can pass around platform.User instead of a pair of models.Organization and models.User. This is useful for reason I kind of forget now, but it started with working on notifications and ballooned massively from there into refactoring a number of things that were bugging me. This also includes a tiny amount of work on server-side events (SSE). * background stuff lives inside the platform now, which I need for having it push updates through SSE * userfile now lives in the platform, under file, so other platform functions can safely use it * oauth is broken into pieces and inside platform because other stuff was calling it already, but badly. * notifications go into the platform as well 2026-03-12 23:49:16 +00:00			`if err != nil {`
			`return fmt.Errorf("Failed to save token to database: %w", err)`
			`}`
Get back to compiling, but using new jet for publicreport This was an epically long change, and a terrible idea, but it compiles. This was essentially a cascade that came about because I can't blend jet and bob in the same transaction. In for a penny, I guess... 2026-05-07 10:39:17 +00:00			`go updateArcgisUserData(context.Background(), user.model, &oauth)`
Massive rework of platform layer user/organization The goal of this rework is to make it so I can pass around platform.User instead of a pair of models.Organization and models.User. This is useful for reason I kind of forget now, but it started with working on notifications and ballooned massively from there into refactoring a number of things that were bugging me. This also includes a tiny amount of work on server-side events (SSE). * background stuff lives inside the platform now, which I need for having it push updates through SSE * userfile now lives in the platform, under file, so other platform functions can safely use it * oauth is broken into pieces and inside platform because other stuff was calling it already, but badly. * notifications go into the platform as well 2026-03-12 23:49:16 +00:00			`return nil`
			`}`