Conversation
Member
appleboy
commented
Mar 6, 2026
appleboy
commented
- Refactor audit logging to centralize context enrichment and record creation in a shared helper, reducing duplication between async and sync paths
- Ensure audit log timestamps are consistent by reusing a single time value per record
- Replace hardcoded client type strings with constants in authorization checks
- Correct device code exchange to return access denied for invalid codes and update the related test expectation
- Standardize token category and status values by replacing string literals with model constants throughout token handling
- Extract shared logic for joining tokens with client data to remove duplication and reuse it for paginated and non-paginated queries
- Centralize failed authentication audit logging into a helper method to simplify user authentication flow
- Refactor audit logging to centralize context enrichment and record creation in a shared helper, reducing duplication between async and sync paths - Ensure audit log timestamps are consistent by reusing a single time value per record - Replace hardcoded client type strings with constants in authorization checks - Correct device code exchange to return access denied for invalid codes and update the related test expectation - Standardize token category and status values by replacing string literals with model constants throughout token handling - Extract shared logic for joining tokens with client data to remove duplication and reuse it for paginated and non-paginated queries - Centralize failed authentication audit logging into a helper method to simplify user authentication flow Signed-off-by: appleboy <appleboy.tw@gmail.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Refactors authentication/audit/token internals to reduce duplication and standardize constants and error behavior across OAuth/device-code flows.
Changes:
- Centralizes audit log enrichment/record creation and reuses a single timestamp per audit record.
- Fixes device-code exchange to return
ErrAccessDeniedfor invalid/non-existent device codes and updates the associated test. - Replaces token status/category string literals with
modelsconstants and extracts shared token→client enrichment logic.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| internal/services/audit.go | Introduces a shared audit-log builder to enrich entries from context and ensure consistent timestamps across fields. |
| internal/services/user.go | Extracts failed-authentication audit logging into a helper to remove duplication in the auth flow. |
| internal/services/token.go | Adjusts device-code invalid-code error mapping, standardizes token status/category constants, and deduplicates token+client join logic. |
| internal/services/token_test.go | Updates device-code exchange test expectation for invalid device codes to ErrAccessDenied. |
| internal/services/authorization.go | Replaces hardcoded client type strings with shared constants for authorization checks. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
- Reformat several functions for improved readability by splitting long signatures and method calls across multiple lines Signed-off-by: appleboy <appleboy.tw@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.