scrub secrets and ask for less user info

Author: tayloraswift

Sources/GitHubClient/GitHubApplication.Client.swift renamed to Sources/GitHubClient/GitHubClient.swift

@@ -4,35 +4,51 @@ import JSON
 import NIOCore
 import NIOHPACK
 
-extension GitHubApplication
+@frozen public
+struct GitHubClient<Application> where Application:GitHubApplication
 {
-    @frozen public
-    struct Client
-    {
-        private
-        let http2:ClientInterface
-
-        public
-        let app:GitHubApplication
+    private
+    let http2:HTTP2Client
+    public
+    let app:Application
 
-        public
-        init(http2:ClientInterface, app:GitHubApplication)
-        {
-            self.http2 = http2
-            self.app = app
-        }
+    public
+    init(http2:HTTP2Client, app:Application)
+    {
+        self.http2 = http2
+        self.app = app
     }
 }
-extension GitHubApplication.Client:Identifiable
+extension GitHubClient:Identifiable
 {
     @inlinable public
     var id:String { self.app.client }
 
     @inlinable public
     var secret:String { self.app.secret }
 }
-extension GitHubApplication.Client
+extension GitHubClient
 {
+    public
+    func refresh(token:String) async -> Result<GitHubTokens, GitHubAuthenticationError>
+    {
+        let request:HPACKHeaders =
+        [
+            ":method": "POST",
+            ":scheme": "https",
+            ":authority": "github.com",
+            ":path": """
+                /login/oauth/access_token?\
+                grant_type=refresh_token&\
+                client_id=\(self.id)&client_secret=\(self.secret)&refresh_token=\(token)
+                """,
+
+            "accept": "application/vnd.github+json",
+        ]
+
+        return await self.authenticate(sending: request)
+    }
+
     public
     func exchange(code:String) async -> Result<GitHubTokens, GitHubAuthenticationError>
     {
@@ -49,7 +65,14 @@ extension GitHubApplication.Client
             "accept": "application/vnd.github+json",
         ]
 
-        let response:ClientInterface.Facet
+        return await self.authenticate(sending: request)
+    }
+
+    private
+    func authenticate(
+        sending request:HPACKHeaders) async -> Result<GitHubTokens, GitHubAuthenticationError>
+    {
+        let response:HTTP2Client.Facet
         do
         {
             response = try await self.http2.fetch(request)

Sources/GitHubClient/exports.swift

@@ -0,0 +1,21 @@
+/// The essence of a GitHub App, which is a type of GitHub application.
+@frozen public
+struct GitHubApp:GitHubApplication, Identifiable
+{
+    /// The app id number. This is different from the client id.
+    public
+    let id:Int?
+
+    public
+    let client:String
+    public
+    let secret:String
+
+    @inlinable public
+    init(_ id:Int?, client:String, secret:String)
+    {
+        self.id = id
+        self.client = client
+        self.secret = secret
+    }
+}

Sources/GitHubIntegration/GitHubApp.swift

@@ -1,19 +1,7 @@
-@frozen public
-struct GitHubApplication:Identifiable, Equatable, Hashable, Sendable
+/// The essence of a GitHub application. Not to be confused with ``GitHubApp``.
+public
+protocol GitHubApplication:Equatable, Hashable, Sendable
 {
-    public
-    let id:Int
-
-    public
-    let client:String
-    public
-    let secret:String
-
-    @inlinable public
-    init(_ id:Int, client:String, secret:String)
-    {
-        self.id = id
-        self.client = client
-        self.secret = secret
-    }
+    var client:String { get }
+    var secret:String { get }
 }

Sources/GitHubIntegration/GitHubApplication.swift

@@ -0,0 +1,21 @@
+@frozen public
+struct GitHubCredential<Instant>:Sendable where Instant:Sendable
+{
+    public
+    let expires:Instant
+    public
+    let token:String
+
+    @inlinable public
+    init(expires:Instant, token:String)
+    {
+        self.expires = expires
+        self.token = token
+    }
+}
+extension GitHubCredential:Equatable where Instant:Equatable
+{
+}
+extension GitHubCredential:Hashable where Instant:Hashable
+{
+}

Sources/GitHubIntegration/GitHubCredential.swift

@@ -0,0 +1,16 @@
+/// The essence of a GitHub OAuth application.
+@frozen public
+struct GitHubOAuth:GitHubApplication
+{
+    public
+    let client:String
+    public
+    let secret:String
+
+    @inlinable public
+    init(client:String, secret:String)
+    {
+        self.client = client
+        self.secret = secret
+    }
+}

Sources/GitHubIntegration/GitHubOAuth.swift

@@ -1,13 +1,13 @@
 @frozen public
 struct GitHubToken:Equatable, Hashable, Sendable
 {
-    public
-    let secondsRemaining:Int
     public
     let value:String
+    public
+    let secondsRemaining:Int64
 
     @inlinable public
-    init(value:String, secondsRemaining:Int)
+    init(value:String, secondsRemaining:Int64)
     {
         self.value = value
         self.secondsRemaining = secondsRemaining

Sources/GitHubIntegration/GitHubToken.swift

@@ -21,13 +21,13 @@ extension ClientInterfaceHandler:ChannelOutboundHandler
     typealias OutboundOut = HTTP2Frame
     typealias OutboundIn =
     (
-        owner:AsyncThrowingStream<ClientInterface.Facet, any Error>.Continuation,
+        owner:AsyncThrowingStream<HTTP2Client.Facet, any Error>.Continuation,
         batch:[HPACKHeaders]
     )
 
     func write(context:ChannelHandlerContext, data:NIOAny, promise:EventLoopPromise<Void>?)
     {
-        let owner:AsyncThrowingStream<ClientInterface.Facet, any Error>.Continuation
+        let owner:AsyncThrowingStream<HTTP2Client.Facet, any Error>.Continuation
         let batch:[HPACKHeaders]
 
         (owner, batch) = self.unwrapOutboundIn(data)

Sources/HTTPClient/ClientInterfaceHandler.swift

@@ -6,11 +6,11 @@ final
 class ClientStreamHandler
 {
     private
-    var owner:AsyncThrowingStream<ClientInterface.Facet, any Error>.Continuation?
+    var owner:AsyncThrowingStream<HTTP2Client.Facet, any Error>.Continuation?
     private
-    var facet:ClientInterface.Facet
+    var facet:HTTP2Client.Facet
 
-    init(owner:AsyncThrowingStream<ClientInterface.Facet, any Error>.Continuation?)
+    init(owner:AsyncThrowingStream<HTTP2Client.Facet, any Error>.Continuation?)
     {
         self.owner = owner
         self.facet = .init()

Sources/HTTPClient/ClientStreamHandler.swift

@@ -2,7 +2,7 @@ import NIOCore
 import NIOHPACK
 import NIOHTTP2
 
-extension ClientInterface
+extension HTTP2Client
 {
     @frozen public
     struct Facet:Sendable
@@ -19,7 +19,7 @@ extension ClientInterface
         }
     }
 }
-extension ClientInterface.Facet
+extension HTTP2Client.Facet
 {
     /// Validates the payload and adds it to the facet. Returns true if the frame is the last
     /// frame of the response stream, false otherwise.
@@ -45,6 +45,6 @@ extension ClientInterface.Facet
             break
         }
 
-        throw ClientInterface.UnexpectedFrameError.init(payload)
+        throw HTTP2Client.UnexpectedFrameError.init(payload)
     }
 }