bitwarden · Tyrrrz · Oct 2, 2023 · Sep 29, 2023 · Sep 29, 2023 · Sep 29, 2023
@@ -11,46 +11,43 @@ namespace Passwordless;
 [DebuggerDisplay("{DebuggerToString(),nq}")]
 public class PasswordlessClient : IPasswordlessClient, IDisposable
 {
-    private readonly HttpClient _client;
-    private readonly bool _disposeClient;
+    private readonly HttpClient _http;
+    private readonly PasswordlessOptions _options;
 
-    /// <summary>
-    /// Initializes an instance of <see cref="PasswordlessClient" />.
-    /// </summary>
-    public static PasswordlessClient Create(PasswordlessOptions options, IHttpClientFactory factory)
+    private PasswordlessClient(HttpClient http, bool disposeClient, PasswordlessOptions options)
     {
-        var client = factory.CreateClient();
-        client.BaseAddress = new Uri(options.ApiUrl);
-        client.DefaultRequestHeaders.Add("ApiSecret", options.ApiSecret);
-        return new PasswordlessClient(client);
+        _http = new HttpClient(new PasswordlessHttpHandler(http, disposeClient), true)
+        {
+            BaseAddress = new Uri(options.ApiUrl),
+            DefaultRequestHeaders =
+            {
+                {"ApiSecret", options.ApiSecret}
+            }
+        };
+
+        _options = options;
     }
 
     /// <summary>
     /// Initializes an instance of <see cref="PasswordlessClient" />.
     /// </summary>
-    public PasswordlessClient(PasswordlessOptions passwordlessOptions)
+    public PasswordlessClient(HttpClient http, PasswordlessOptions options)
+        : this(http, false, options)
     {
-        _client = new HttpClient
-        {
-            BaseAddress = new Uri(passwordlessOptions.ApiUrl),
-        };
-        _client.DefaultRequestHeaders.Add("ApiSecret", passwordlessOptions.ApiSecret);
-        _disposeClient = true;
     }
 
     /// <summary>
     /// Initializes an instance of <see cref="PasswordlessClient" />.
     /// </summary>
-    public PasswordlessClient(HttpClient client)
+    public PasswordlessClient(PasswordlessOptions options)
+        : this(new HttpClient(), true, options)
     {
-        _client = client;
-        _disposeClient = false;
     }
 
     /// <inheritdoc />
     public async Task SetAliasAsync(SetAliasRequest request, CancellationToken cancellationToken)
     {
-        using var response = await _client.PostAsJsonAsync("alias",
+        using var response = await _http.PostAsJsonAsync("alias",
             request,
             PasswordlessSerializerContext.Default.SetAliasRequest,
             cancellationToken);
@@ -61,7 +58,7 @@ public async Task SetAliasAsync(SetAliasRequest request, CancellationToken cance
     /// <inheritdoc />
     public async Task<RegisterTokenResponse> CreateRegisterTokenAsync(RegisterOptions registerOptions, CancellationToken cancellationToken = default)
     {
-        using var response = await _client.PostAsJsonAsync("register/token",
+        using var response = await _http.PostAsJsonAsync("register/token",
             registerOptions,
             PasswordlessSerializerContext.Default.RegisterOptions,
             cancellationToken);
@@ -83,7 +80,7 @@ public async Task<RegisterTokenResponse> CreateRegisterTokenAsync(RegisterOption
 
         // We just want to return null if there is a problem.
         request.SkipErrorHandling();
-        using var response = await _client.SendAsync(request, cancellationToken);
+        using var response = await _http.SendAsync(request, cancellationToken);
 
         if (response.IsSuccessStatusCode)
         {
@@ -100,7 +97,7 @@ public async Task<RegisterTokenResponse> CreateRegisterTokenAsync(RegisterOption
     /// <inheritdoc />
     public async Task DeleteUserAsync(string userId, CancellationToken cancellationToken = default)
     {
-        using var response = await _client.PostAsJsonAsync("users/delete",
+        using var response = await _http.PostAsJsonAsync("users/delete",
             new DeleteUserRequest(userId),
             PasswordlessSerializerContext.Default.DeleteUserRequest,
             cancellationToken);
@@ -109,7 +106,7 @@ public async Task DeleteUserAsync(string userId, CancellationToken cancellationT
     /// <inheritdoc />
     public async Task<IReadOnlyList<PasswordlessUserSummary>> ListUsersAsync(CancellationToken cancellationToken = default)
     {
-        var response = await _client.GetFromJsonAsync(
+        var response = await _http.GetFromJsonAsync(
             "users/list",
             PasswordlessSerializerContext.Default.ListResponsePasswordlessUserSummary,
             cancellationToken);
@@ -120,7 +117,7 @@ public async Task<IReadOnlyList<PasswordlessUserSummary>> ListUsersAsync(Cancell
     /// <inheritdoc />
     public async Task<IReadOnlyList<AliasPointer>> ListAliasesAsync(string userId, CancellationToken cancellationToken = default)
     {
-        var response = await _client.GetFromJsonAsync(
+        var response = await _http.GetFromJsonAsync(
             $"alias/list?userid={userId}",
             PasswordlessSerializerContext.Default.ListResponseAliasPointer,
             cancellationToken);
@@ -131,7 +128,7 @@ public async Task<IReadOnlyList<AliasPointer>> ListAliasesAsync(string userId, C
     /// <inheritdoc />
     public async Task<IReadOnlyList<Credential>> ListCredentialsAsync(string userId, CancellationToken cancellationToken = default)
     {
-        var response = await _client.GetFromJsonAsync(
+        var response = await _http.GetFromJsonAsync(
             $"credentials/list?userid={userId}",
             PasswordlessSerializerContext.Default.ListResponseCredential,
             cancellationToken);
@@ -142,7 +139,7 @@ public async Task<IReadOnlyList<Credential>> ListCredentialsAsync(string userId,
     /// <inheritdoc />
     public async Task DeleteCredentialAsync(string id, CancellationToken cancellationToken = default)
     {
-        using var response = await _client.PostAsJsonAsync("credentials/delete",
+        using var response = await _http.PostAsJsonAsync("credentials/delete",
             new DeleteCredentialRequest(id),
             PasswordlessSerializerContext.Default.DeleteCredentialRequest,
             cancellationToken);
@@ -157,7 +154,7 @@ public async Task DeleteCredentialAsync(byte[] id, CancellationToken cancellatio
     /// <inheritdoc />
     public async Task<UsersCount> GetUsersCountAsync(CancellationToken cancellationToken = default)
     {
-        return (await _client.GetFromJsonAsync(
+        return (await _http.GetFromJsonAsync(
             "users/count",
             PasswordlessSerializerContext.Default.UsersCount,
             cancellationToken))!;
@@ -166,17 +163,18 @@ public async Task<UsersCount> GetUsersCountAsync(CancellationToken cancellationT
     private string DebuggerToString()
     {
         var sb = new StringBuilder();
+
         sb.Append("ApiUrl = ");
-        sb.Append(_client.BaseAddress);
-        if (_client.DefaultRequestHeaders.TryGetValues("ApiSecret", out var values))
+        sb.Append(_options.ApiUrl);
+
+        if (!string.IsNullOrEmpty(_options.ApiSecret))
         {
-            var apiSecret = values.First();
-            if (apiSecret.Length > 5)
+            if (_options.ApiSecret.Length > 5)
             {
                 sb.Append(' ');
                 sb.Append("ApiSecret = ");
                 sb.Append("***");
-                sb.Append(apiSecret.Substring(apiSecret.Length - 4));
+                sb.Append(_options.ApiSecret.Substring(_options.ApiSecret.Length - 4));
             }
         }
         else
@@ -200,9 +198,7 @@ public void Dispose()
     /// </summary>
     protected virtual void Dispose(bool disposing)
     {
-        if (disposing && _disposeClient)
-        {
-            _client.Dispose();
-        }
+        if (disposing)
+            _http.Dispose();
     }
 }
@@ -0,0 +1,48 @@
+using System.Net.Http.Json;
+using Passwordless.Helpers;
+
+namespace Passwordless;
+
+internal class PasswordlessHttpHandler : HttpMessageHandler
+{
+    // Externally provided HTTP Client
+    private readonly HttpClient _http;
+    private readonly bool _disposeClient;
+
+    public PasswordlessHttpHandler(HttpClient http, bool disposeClient = false)
+    {
+        _http = http;
+        _disposeClient = disposeClient;
+    }
+
+    protected override async Task<HttpResponseMessage> SendAsync(
+        HttpRequestMessage request,
+        CancellationToken cancellationToken)
+    {
+        var response = await _http.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, cancellationToken);
+
+        // On failed requests, check if responded with ProblemDetails and provide a nicer error if so
+        if (!request.ShouldSkipErrorHandling() &&
+            !response.IsSuccessStatusCode &&
+            string.Equals(response.Content.Headers.ContentType?.MediaType,
+                "application/problem+json",
+                StringComparison.OrdinalIgnoreCase))
+        {
+            var problemDetails = await response.Content.ReadFromJsonAsync(
+                PasswordlessSerializerContext.Default.PasswordlessProblemDetails,
+                cancellationToken
+            );
+
+            if (problemDetails is not null)
+                throw new PasswordlessApiException(problemDetails);
+        }
+
+        return response;
+    }
+
+    protected override void Dispose(bool disposing)
+    {
+        if (disposing && _disposeClient)
+            _http.Dispose();
+    }
+}