Touch up GitHub and GitHub.OAuth

config/config.exs

@@ -65,11 +65,13 @@ config :code_corps, :icon_color_generator, CodeCorps.RandomIconColor.Generator
 # Set Corsica logging to output a console warning when rejecting a request
 config :code_corps, :corsica_log_level, [rejected: :warn]
 
+{:ok, pem} = System.get_env("GITHUB_APP_PEM") |> Base.decode64()
+
 config :code_corps,
   github_app_id: System.get_env("GITHUB_APP_ID"),
   github_app_client_id: System.get_env("GITHUB_APP_CLIENT_ID"),
   github_app_client_secret: System.get_env("GITHUB_APP_CLIENT_SECRET"),
-  github_app_pem: System.get_env("GITHUB_APP_PEM")
+  github_app_pem: pem
 
 config :stripity_stripe,
   api_key: System.get_env("STRIPE_SECRET_KEY"),

lib/code_corps/github.ex

@@ -3,7 +3,6 @@ defmodule CodeCorps.GitHub do
   @app_id Application.get_env(:code_corps, :github_app_id)
   @client_id Application.get_env(:code_corps, :github_app_client_id)
   @client_secret Application.get_env(:code_corps, :github_app_client_secret)
-  @rsa_key Application.get_env(:code_corps, :github_app_pem)
 
   @base_access_token_params %{
     client_id: @client_id,
@@ -136,18 +135,21 @@ defmodule CodeCorps.GitHub do
   Expires in 10 minutes.
   """
   def generate_jwt do
+    signer = rsa_key() |> Joken.rs256()
+
     %{}
     |> Joken.token
     |> Joken.with_exp(Timex.now |> Timex.shift(minutes: 10) |> Timex.to_unix)
     |> Joken.with_iss(@app_id |> String.to_integer())
     |> Joken.with_iat(Timex.now |> Timex.to_unix)
-    |> Joken.with_signer(Joken.rs256(rsa_key()))
+    |> Joken.with_signer(signer)
     |> Joken.sign
     |> Joken.get_compact
   end
 
   defp rsa_key do
-    JOSE.JWK.from_pem(@rsa_key)
+    Application.get_env(:code_corps, :github_app_pem)
+    |> JOSE.JWK.from_pem()
   end
 
   @spec add_jwt_header(headers) :: headers
@@ -161,15 +163,6 @@ defmodule CodeCorps.GitHub do
     [:with_body | opts]
   end
 
-  @spec add_pool_option(list) :: list
-  defp add_pool_option(opts) do
-    if use_pool?() do
-      [{:pool, @pool_name} | opts]
-    else
-      opts
-    end
-  end
-
   @doc """
   A low level utility function to make a direct request to the GitHub API.
   """
@@ -189,7 +182,6 @@ defmodule CodeCorps.GitHub do
     req_opts =
       opts
       |> add_default_options()
-      |> add_pool_option()
 
     method
     |> :hackney.request(req_url, req_headers, req_body, req_opts)
@@ -218,7 +210,6 @@ defmodule CodeCorps.GitHub do
     req_opts =
       []
       |> add_default_options()
-      |> add_pool_option()
 
     :hackney.request(:post, req_url, req_headers, req_body, req_opts)
     |> handle_response()
@@ -242,7 +233,6 @@ defmodule CodeCorps.GitHub do
     req_opts =
       opts
       |> add_default_options()
-      |> add_pool_option()
 
     :hackney.request(method, req_url, req_headers, req_body, req_opts)
     |> handle_response()

lib/code_corps/github/oauth.ex

@@ -5,11 +5,8 @@ defmodule CodeCorps.GitHub.OAuth do
   alias CodeCorps.{GitHub, Repo, User}
 
   @doc """
-  POSTs `code` to GitHub to receive an OAuth token, then associates the user
-  with that OAuth token.
-
-  Accepts a third parameter – a custom API module – for the purposes of
-  explicit dependency injection during testing.
+  POSTs `code` and `state` to GitHub to receive an OAuth token,
+  then associates the given user with that OAuth token.
 
   Returns one of the following: