remove unnecessary

StekPerepolnen · StekPerepolnen · commit 62ab8ab61f71 · 2024-11-20T13:32:27.000Z
diff --git a/ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.cpp b/ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.cpp
@@ -20,17 +20,6 @@ THandlerImpersonateStart::THandlerImpersonateStart(const NActors::TActorId& send
     , Settings(settings)
 {}
 
-TString THandlerImpersonateStart::DecodeToken(const TStringBuf& cookie, const NActors::TActorContext& ctx) {
-    TString token;
-    try {
-        Base64StrictDecode(cookie, token);
-    } catch (std::exception& e) {
-        LOG_DEBUG_S(ctx, EService::MVP, "Base64Decode " << cookie << " cookie: " << e.what());
-        token.clear();
-    }
-    return token;
-}
-
 void THandlerImpersonateStart::Bootstrap(const NActors::TActorContext& ctx) {
     LOG_DEBUG_S(ctx, EService::MVP, "Start impersonation process");
     NHttp::TUrlParameters urlParameters(Request->URL);
diff --git a/ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.h b/ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.h
@@ -15,10 +15,8 @@ class THandlerImpersonateStart : public NActors::TActorBootstrapped<THandlerImpe
     const NHttp::THttpIncomingRequestPtr Request;
     NActors::TActorId HttpProxyId;
     const TOpenIdConnectSettings Settings;
-    TContext Context;
 
 public:
-    TString DecodeToken(const TStringBuf& cookie, const NActors::TActorContext& ctx);
     THandlerImpersonateStart(const NActors::TActorId& sender,
                              const NHttp::THttpIncomingRequestPtr& request,
                              const NActors::TActorId& httpProxyId,
diff --git a/ydb/mvp/oidc_proxy/oidc_impersonate_stop_page_nebius.h b/ydb/mvp/oidc_proxy/oidc_impersonate_stop_page_nebius.h
@@ -15,7 +15,6 @@ class THandlerImpersonateStop : public NActors::TActorBootstrapped<THandlerImper
     const NHttp::THttpIncomingRequestPtr Request;
     NActors::TActorId HttpProxyId;
     const TOpenIdConnectSettings Settings;
-    TContext Context;
 
 public:
     THandlerImpersonateStop(const NActors::TActorId& sender,
diff --git a/ydb/mvp/oidc_proxy/oidc_protected_page_nebius.cpp b/ydb/mvp/oidc_proxy/oidc_protected_page_nebius.cpp
@@ -26,17 +26,6 @@ TStringBuf THandlerSessionServiceCheckNebius::GetCookie(const NHttp::TCookies& c
     return cookieValue;
 }
 
-TString THandlerSessionServiceCheckNebius::DecodeToken(const TStringBuf& cookie, const NActors::TActorContext& ctx) {
-    TString token;
-    try {
-        Base64StrictDecode(cookie, token);
-    } catch (std::exception& e) {
-        LOG_DEBUG_S(ctx, EService::MVP, "Base64Decode " << cookie << " cookie: " << e.what());
-        token.clear();
-    }
-    return token;
-}
-
 void THandlerSessionServiceCheckNebius::StartOidcProcess(const NActors::TActorContext& ctx) {
     NHttp::THeaders headers(Request->Headers);
     LOG_DEBUG_S(ctx, EService::MVP, "Start OIDC process");
@@ -99,9 +88,8 @@ void THandlerSessionServiceCheckNebius:: HandleExchange(NHttp::TEvHttpProxy::TEv
     }
 }
 
-void THandlerSessionServiceCheckNebius::ExchangeSessionToken(const TString sessionToken, const NActors::TActorContext& ctx) {
-    LOG_DEBUG_S(ctx, EService::MVP, "Exchange session token");
-    tokenExchangeType = ETokenExchangeType::SessionToken;
+void THandlerSessionServiceCheckNebius::SendTokenExchangeRequest(const TStringBuilder& body, const ETokenExchangeType exchangeType, const NActors::TActorContext& ctx) {
+    tokenExchangeType = exchangeType;
     NHttp::THttpOutgoingRequestPtr httpRequest = NHttp::THttpOutgoingRequest::CreateRequestPost(Settings.GetExchangeEndpointURL());
     httpRequest->Set<&NHttp::THttpRequest::ContentType>("application/x-www-form-urlencoded");
 
@@ -111,42 +99,34 @@ void THandlerSessionServiceCheckNebius::ExchangeSessionToken(const TString sessi
         token = tokenator->GetToken(Settings.SessionServiceTokenName);
     }
     httpRequest->Set("Authorization", token); // Bearer included
+    httpRequest->Set<&NHttp::THttpRequest::Body>(body);
+
+    ctx.Send(HttpProxyId, new NHttp::TEvHttpProxy::TEvHttpOutgoingRequest(httpRequest));
+    Become(&THandlerSessionServiceCheckNebius::StateExchange);
+}
+
+void THandlerSessionServiceCheckNebius::ExchangeSessionToken(const TString sessionToken, const NActors::TActorContext& ctx) {
+    LOG_DEBUG_S(ctx, EService::MVP, "Exchange session token");
     TStringBuilder body;
     body << "grant_type=urn:ietf:params:oauth:grant-type:token-exchange"
             << "&requested_token_type=urn:ietf:params:oauth:token-type:access_token"
             << "&subject_token_type=urn:ietf:params:oauth:token-type:session_token"
             << "&subject_token=" << sessionToken;
-    httpRequest->Set<&NHttp::THttpRequest::Body>(body);
-
-    ctx.Send(HttpProxyId, new NHttp::TEvHttpProxy::TEvHttpOutgoingRequest(httpRequest));
 
-    Become(&THandlerSessionServiceCheckNebius::StateExchange);
+    SendTokenExchangeRequest(body, ETokenExchangeType::SessionToken, ctx);
 }
 
 void THandlerSessionServiceCheckNebius::ExchangeImpersonatedToken(const TString sessionToken, const TString impersonatedToken, const NActors::TActorContext& ctx) {
     LOG_DEBUG_S(ctx, EService::MVP, "Exchange impersonated token");
-    tokenExchangeType = ETokenExchangeType::ImpersonatedToken;
-    NHttp::THttpOutgoingRequestPtr httpRequest = NHttp::THttpOutgoingRequest::CreateRequestPost(Settings.GetExchangeEndpointURL());
-    httpRequest->Set<&NHttp::THttpRequest::ContentType>("application/x-www-form-urlencoded");
-
-    TMvpTokenator* tokenator = MVPAppData()->Tokenator;
-    TString token = "";
-    if (tokenator) {
-        token = tokenator->GetToken(Settings.SessionServiceTokenName);
-    }
-    httpRequest->Set("Authorization", token); // Bearer included
     TStringBuilder body;
     body << "grant_type=urn:ietf:params:oauth:grant-type:token-exchange"
             << "&requested_token_type=urn:ietf:params:oauth:token-type:access_token"
             << "&subject_token_type=urn:ietf:params:oauth:token-type:jwt"
             << "&subject_token=" << impersonatedToken
             << "&actor_token=" << sessionToken
             << "&actor_token_type=urn:ietf:params:oauth:token-type:session_token";
-    httpRequest->Set<&NHttp::THttpRequest::Body>(body);
 
-    ctx.Send(HttpProxyId, new NHttp::TEvHttpProxy::TEvHttpOutgoingRequest(httpRequest));
-
-    Become(&THandlerSessionServiceCheckNebius::StateExchange);
+    SendTokenExchangeRequest(body, ETokenExchangeType::ImpersonatedToken, ctx);
 }
 
 void THandlerSessionServiceCheckNebius::ClearImpersonatedCookie(const NActors::TActorContext& ctx) {
diff --git a/ydb/mvp/oidc_proxy/oidc_protected_page_nebius.h b/ydb/mvp/oidc_proxy/oidc_protected_page_nebius.h
@@ -23,7 +23,6 @@ class THandlerSessionServiceCheckNebius : public THandlerSessionServiceCheck {
                                       const NActors::TActorId& httpProxyId,
                                       const TOpenIdConnectSettings& settings);
     TStringBuf GetCookie(const NHttp::TCookies& cookies, const TString& cookieName, const NActors::TActorContext& ctx);
-    TString DecodeToken(const TStringBuf& cookie, const NActors::TActorContext& ctx);
     void StartOidcProcess(const NActors::TActorContext& ctx) override;
     void HandleExchange(NHttp::TEvHttpProxy::TEvHttpIncomingResponse::TPtr event, const NActors::TActorContext& ctx);
 
@@ -40,7 +39,7 @@ class THandlerSessionServiceCheckNebius : public THandlerSessionServiceCheck {
     }
 
 private:
-
+    void SendTokenExchangeRequest(const TStringBuilder& body, const ETokenExchangeType exchangeType, const NActors::TActorContext& ctx);
     void ExchangeSessionToken(const TString sessionToken, const NActors::TActorContext& ctx);
     void ExchangeImpersonatedToken(const TString sessionToken, const TString impersonatedToken, const NActors::TActorContext& ctx);
     void ClearImpersonatedCookie(const NActors::TActorContext& ctx);
diff --git a/ydb/mvp/oidc_proxy/openid_connect.cpp b/ydb/mvp/oidc_proxy/openid_connect.cpp
@@ -237,5 +237,16 @@ TCheckStateResult CheckState(const TString& state, const TString& key) {
     return TCheckStateResult();
 }
 
+TString DecodeToken(const TStringBuf& cookie, const NActors::TActorContext& ctx) {
+    TString token;
+    try {
+        Base64StrictDecode(cookie, token);
+    } catch (std::exception& e) {
+        LOG_DEBUG_S(ctx, EService::MVP, "Base64Decode " << cookie << " cookie: " << e.what());
+        token.clear();
+    }
+    return token;
+}
+
 }  // NOIDC
 }  // NMVP
diff --git a/ydb/mvp/oidc_proxy/openid_connect.h b/ydb/mvp/oidc_proxy/openid_connect.h
@@ -9,7 +9,6 @@
 #include <ydb/mvp/core/core_ydb.h>
 #include "context.h"
 
-
 namespace NMVP {
 namespace NOIDC {
 
@@ -52,6 +51,7 @@ TString ClearSecureCookie(const TString& name);
 void SetCORS(const NHttp::THttpIncomingRequestPtr& request, NHttp::THeadersBuilder* const headers);
 TRestoreOidcContextResult RestoreOidcContext(const NHttp::TCookies& cookies, const TString& key);
 TCheckStateResult CheckState(const TString& state, const TString& key);
+TString DecodeToken(const TStringBuf& cookie, const NActors::TActorContext& ctx);
 
 template <typename TSessionService>
 std::unique_ptr<NYdbGrpc::TServiceConnection<TSessionService>> CreateGRpcServiceConnection(const TString& endpoint) {
