refactor(backend): service http ports

2025-12-20 11:56:11 +08:00
parent 5c2e7ae265
commit cceada7dae
22 changed files with 927 additions and 695 deletions
--- a/backend/internal/service/oauth_service.go
+++ b/backend/internal/service/oauth_service.go
@@ -2,32 +2,36 @@ package service

 import (
 	"context"
-	"encoding/json"
 	"fmt"
 	"log"
-	"net/http"
-	"net/url"
-	"strings"
 	"time"

 	"sub2api/internal/model"
 	"sub2api/internal/pkg/oauth"
 	"sub2api/internal/service/ports"
-
-	"github.com/imroc/req/v3"
 )

+// ClaudeOAuthClient handles HTTP requests for Claude OAuth flows
+type ClaudeOAuthClient interface {
+	GetOrganizationUUID(ctx context.Context, sessionKey, proxyURL string) (string, error)
+	GetAuthorizationCode(ctx context.Context, sessionKey, orgUUID, scope, codeChallenge, state, proxyURL string) (string, error)
+	ExchangeCodeForToken(ctx context.Context, code, codeVerifier, state, proxyURL string) (*oauth.TokenResponse, error)
+	RefreshToken(ctx context.Context, refreshToken, proxyURL string) (*oauth.TokenResponse, error)
+}
+
 // OAuthService handles OAuth authentication flows
 type OAuthService struct {
 	sessionStore *oauth.SessionStore
 	proxyRepo    ports.ProxyRepository
+	oauthClient  ClaudeOAuthClient
 }

 // NewOAuthService creates a new OAuth service
-func NewOAuthService(proxyRepo ports.ProxyRepository) *OAuthService {
+func NewOAuthService(proxyRepo ports.ProxyRepository, oauthClient ClaudeOAuthClient) *OAuthService {
 	return &OAuthService{
 		sessionStore: oauth.NewSessionStore(),
 		proxyRepo:    proxyRepo,
+		oauthClient:  oauthClient,
 	}
 }

@@ -210,177 +214,21 @@ func (s *OAuthService) CookieAuth(ctx context.Context, input *CookieAuthInput) (

 // getOrganizationUUID gets the organization UUID from claude.ai using sessionKey
 func (s *OAuthService) getOrganizationUUID(ctx context.Context, sessionKey, proxyURL string) (string, error) {
-	client := s.createReqClient(proxyURL)
-
-	var orgs []struct {
-		UUID string `json:"uuid"`
-	}
-
-	targetURL := "https://claude.ai/api/organizations"
-	log.Printf("[OAuth] Step 1: Getting organization UUID from %s", targetURL)
-
-	resp, err := client.R().
-		SetContext(ctx).
-		SetCookies(&http.Cookie{
-			Name:  "sessionKey",
-			Value: sessionKey,
-		}).
-		SetSuccessResult(&orgs).
-		Get(targetURL)
-
-	if err != nil {
-		log.Printf("[OAuth] Step 1 FAILED - Request error: %v", err)
-		return "", fmt.Errorf("request failed: %w", err)
-	}
-
-	log.Printf("[OAuth] Step 1 Response - Status: %d, Body: %s", resp.StatusCode, resp.String())
-
-	if !resp.IsSuccessState() {
-		return "", fmt.Errorf("failed to get organizations: status %d, body: %s", resp.StatusCode, resp.String())
-	}
-
-	if len(orgs) == 0 {
-		return "", fmt.Errorf("no organizations found")
-	}
-
-	log.Printf("[OAuth] Step 1 SUCCESS - Got org UUID: %s", orgs[0].UUID)
-	return orgs[0].UUID, nil
+	return s.oauthClient.GetOrganizationUUID(ctx, sessionKey, proxyURL)
 }

 // getAuthorizationCode gets the authorization code using sessionKey
 func (s *OAuthService) getAuthorizationCode(ctx context.Context, sessionKey, orgUUID, scope, codeChallenge, state, proxyURL string) (string, error) {
-	client := s.createReqClient(proxyURL)
-
-	authURL := fmt.Sprintf("https://claude.ai/v1/oauth/%s/authorize", orgUUID)
-
-	// Build request body - must include organization_uuid as per CRS
-	reqBody := map[string]interface{}{
-		"response_type":         "code",
-		"client_id":             oauth.ClientID,
-		"organization_uuid":     orgUUID, // Required field!
-		"redirect_uri":          oauth.RedirectURI,
-		"scope":                 scope,
-		"state":                 state,
-		"code_challenge":        codeChallenge,
-		"code_challenge_method": "S256",
-	}
-
-	reqBodyJSON, _ := json.Marshal(reqBody)
-	log.Printf("[OAuth] Step 2: Getting authorization code from %s", authURL)
-	log.Printf("[OAuth] Step 2 Request Body: %s", string(reqBodyJSON))
-
-	// Response contains redirect_uri with code, not direct code field
-	var result struct {
-		RedirectURI string `json:"redirect_uri"`
-	}
-
-	resp, err := client.R().
-		SetContext(ctx).
-		SetCookies(&http.Cookie{
-			Name:  "sessionKey",
-			Value: sessionKey,
-		}).
-		SetHeader("Accept", "application/json").
-		SetHeader("Accept-Language", "en-US,en;q=0.9").
-		SetHeader("Cache-Control", "no-cache").
-		SetHeader("Origin", "https://claude.ai").
-		SetHeader("Referer", "https://claude.ai/new").
-		SetHeader("Content-Type", "application/json").
-		SetBody(reqBody).
-		SetSuccessResult(&result).
-		Post(authURL)
-
-	if err != nil {
-		log.Printf("[OAuth] Step 2 FAILED - Request error: %v", err)
-		return "", fmt.Errorf("request failed: %w", err)
-	}
-
-	log.Printf("[OAuth] Step 2 Response - Status: %d, Body: %s", resp.StatusCode, resp.String())
-
-	if !resp.IsSuccessState() {
-		return "", fmt.Errorf("failed to get authorization code: status %d, body: %s", resp.StatusCode, resp.String())
-	}
-
-	if result.RedirectURI == "" {
-		return "", fmt.Errorf("no redirect_uri in response")
-	}
-
-	// Parse redirect_uri to extract code and state
-	parsedURL, err := url.Parse(result.RedirectURI)
-	if err != nil {
-		return "", fmt.Errorf("failed to parse redirect_uri: %w", err)
-	}
-
-	queryParams := parsedURL.Query()
-	authCode := queryParams.Get("code")
-	responseState := queryParams.Get("state")
-
-	if authCode == "" {
-		return "", fmt.Errorf("no authorization code in redirect_uri")
-	}
-
-	// Combine code with state if present (as CRS does)
-	fullCode := authCode
-	if responseState != "" {
-		fullCode = authCode + "#" + responseState
-	}
-
-	log.Printf("[OAuth] Step 2 SUCCESS - Got authorization code: %s...", authCode[:20])
-	return fullCode, nil
+	return s.oauthClient.GetAuthorizationCode(ctx, sessionKey, orgUUID, scope, codeChallenge, state, proxyURL)
 }

 // exchangeCodeForToken exchanges authorization code for tokens
 func (s *OAuthService) exchangeCodeForToken(ctx context.Context, code, codeVerifier, state, proxyURL string) (*TokenInfo, error) {
-	client := s.createReqClient(proxyURL)
-
-	// Parse code#state format if present
-	authCode := code
-	codeState := ""
-	if parts := strings.Split(code, "#"); len(parts) > 1 {
-		authCode = parts[0]
-		codeState = parts[1]
-	}
-
-	// Build JSON body as CRS does (not form data!)
-	reqBody := map[string]interface{}{
-		"code":          authCode,
-		"grant_type":    "authorization_code",
-		"client_id":     oauth.ClientID,
-		"redirect_uri":  oauth.RedirectURI,
-		"code_verifier": codeVerifier,
-	}
-
-	// Add state if present
-	if codeState != "" {
-		reqBody["state"] = codeState
-	}
-
-	reqBodyJSON, _ := json.Marshal(reqBody)
-	log.Printf("[OAuth] Step 3: Exchanging code for token at %s", oauth.TokenURL)
-	log.Printf("[OAuth] Step 3 Request Body: %s", string(reqBodyJSON))
-
-	var tokenResp oauth.TokenResponse
-
-	resp, err := client.R().
-		SetContext(ctx).
-		SetHeader("Content-Type", "application/json").
-		SetBody(reqBody).
-		SetSuccessResult(&tokenResp).
-		Post(oauth.TokenURL)
-
+	tokenResp, err := s.oauthClient.ExchangeCodeForToken(ctx, code, codeVerifier, state, proxyURL)
 	if err != nil {
-		log.Printf("[OAuth] Step 3 FAILED - Request error: %v", err)
-		return nil, fmt.Errorf("request failed: %w", err)
+		return nil, err
 	}

-	log.Printf("[OAuth] Step 3 Response - Status: %d, Body: %s", resp.StatusCode, resp.String())
-
-	if !resp.IsSuccessState() {
-		return nil, fmt.Errorf("token exchange failed: status %d, body: %s", resp.StatusCode, resp.String())
-	}
-
-	log.Printf("[OAuth] Step 3 SUCCESS - Got access token")
-
 	tokenInfo := &TokenInfo{
 		AccessToken:  tokenResp.AccessToken,
 		TokenType:    tokenResp.TokenType,
@@ -390,7 +238,6 @@ func (s *OAuthService) exchangeCodeForToken(ctx context.Context, code, codeVerif
 		Scope:        tokenResp.Scope,
 	}

-	// Extract org_uuid and account_uuid from response
 	if tokenResp.Organization != nil && tokenResp.Organization.UUID != "" {
 		tokenInfo.OrgUUID = tokenResp.Organization.UUID
 		log.Printf("[OAuth] Got org_uuid: %s", tokenInfo.OrgUUID)
@@ -405,27 +252,9 @@ func (s *OAuthService) exchangeCodeForToken(ctx context.Context, code, codeVerif

 // RefreshToken refreshes an OAuth token
 func (s *OAuthService) RefreshToken(ctx context.Context, refreshToken string, proxyURL string) (*TokenInfo, error) {
-	client := s.createReqClient(proxyURL)
-
-	formData := url.Values{}
-	formData.Set("grant_type", "refresh_token")
-	formData.Set("refresh_token", refreshToken)
-	formData.Set("client_id", oauth.ClientID)
-
-	var tokenResp oauth.TokenResponse
-
-	resp, err := client.R().
-		SetContext(ctx).
-		SetFormDataFromValues(formData).
-		SetSuccessResult(&tokenResp).
-		Post(oauth.TokenURL)
-
+	tokenResp, err := s.oauthClient.RefreshToken(ctx, refreshToken, proxyURL)
 	if err != nil {
-		return nil, fmt.Errorf("request failed: %w", err)
-	}
-
-	if !resp.IsSuccessState() {
-		return nil, fmt.Errorf("token refresh failed: status %d, body: %s", resp.StatusCode, resp.String())
+		return nil, err
 	}

 	return &TokenInfo{
@@ -455,17 +284,3 @@ func (s *OAuthService) RefreshAccountToken(ctx context.Context, account *model.A

 	return s.RefreshToken(ctx, refreshToken, proxyURL)
 }
-
-// createReqClient creates a req client with Chrome impersonation and optional proxy
-func (s *OAuthService) createReqClient(proxyURL string) *req.Client {
-	client := req.C().
-		ImpersonateChrome(). // Impersonate Chrome browser to bypass Cloudflare
-		SetTimeout(60 * time.Second)
-
-	// Set proxy if specified
-	if proxyURL != "" {
-		client.SetProxyURL(proxyURL)
-	}
-
-	return client
-}