5 files changed, 352 insertions, 34 deletions
diff --git a/backend/auth/auth.go b/backend/auth/auth.go
index 3a292d9..3ede326 100644
--- a/backend/auth/auth.go
+++ b/backend/auth/auth.go
@@ -1,24 +1,26 @@
 package auth
 
 import (
-	"bytes"
 	"context"
-	"encoding/json"
 	"errors"
 	"fmt"
-	"net/http"
-	"net/url"
+	"time"
 
 	"github.com/jackc/pgx/v5"
 	"golang.org/x/crypto/bcrypt"
 
+	"github.com/nsfisis/iosdc-japan-2024-albatross/backend/auth/fortee"
 	"github.com/nsfisis/iosdc-japan-2024-albatross/backend/db"
 )
 
 var (
 	ErrInvalidRegistrationToken = errors.New("invalid registration token")
 	ErrNoRegistrationToken      = errors.New("no registration token")
-	ErrForteeLoginFailed        = errors.New("fortee login failed")
+	ErrForteeLoginTimeout       = errors.New("fortee login timeout")
+)
+
+const (
+	forteeAPITimeout = 3 * time.Second
 )
 
 func Login(
@@ -100,35 +102,13 @@ func verifyRegistrationToken(ctx context.Context, queries *db.Queries, registrat
 	return nil
 }
 
-func verifyForteeAccount(_ context.Context, username string, password string) error {
-	reqData := url.Values{}
-	reqData.Set("username", username)
-	reqData.Set("password", password)
-	reqBody := reqData.Encode()
-
-	req, err := http.NewRequest("POST", "https://fortee.jp/api/user/login", bytes.NewBufferString(reqBody))
-	if err != nil {
-		return fmt.Errorf("http.NewRequest failed: %w", err)
-	}
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
-	req.Header.Set("Accept", "application/json")
+func verifyForteeAccount(ctx context.Context, username string, password string) error {
+	ctx, cancel := context.WithTimeout(ctx, forteeAPITimeout)
+	defer cancel()
 
-	client := &http.Client{}
-	res, err := client.Do(req)
-	if err != nil {
-		return fmt.Errorf("client.Do failed: %v", err)
+	err := fortee.LoginFortee(ctx, username, password)
+	if errors.Is(err, context.DeadlineExceeded) {
+		return ErrForteeLoginTimeout
 	}
-	defer res.Body.Close()
-
-	resData := struct {
-		LoggedIn bool `json:"loggedIn"`
-	}{}
-	if err := json.NewDecoder(res.Body).Decode(&resData); err != nil {
-		return fmt.Errorf("json.Decode failed: %v", err)
-	}
-
-	if !resData.LoggedIn {
-		return ErrForteeLoginFailed
-	}
-	return nil
+	return err
 }
diff --git a/backend/auth/fortee/fortee.go b/backend/auth/fortee/fortee.go
new file mode 100644
index 0000000..7f9d816
--- /dev/null
+++ b/backend/auth/fortee/fortee.go
@@ -0,0 +1,42 @@
+package fortee
+
+import (
+	"context"
+	"errors"
+	"net/http"
+)
+
+const (
+	apiEndpoint = "https://fortee.jp"
+)
+
+var (
+	ErrLoginFailed = errors.New("fortee login failed")
+)
+
+func LoginFortee(ctx context.Context, username string, password string) error {
+	client, err := NewClientWithResponses(apiEndpoint, WithRequestEditorFn(addAcceptHeader))
+	if err != nil {
+		return err
+	}
+	res, err := client.PostLoginWithFormdataBodyWithResponse(ctx, PostLoginFormdataRequestBody{
+		Username: username,
+		Password: password,
+	})
+	if err != nil {
+		return err
+	}
+	if res.StatusCode() != http.StatusOK {
+		return ErrLoginFailed
+	}
+	if !res.JSON200.LoggedIn {
+		return ErrLoginFailed
+	}
+	return nil
+}
+
+// fortee API denies requests without Accept header.
+func addAcceptHeader(_ context.Context, req *http.Request) error {
+	req.Header.Set("Accept", "application/json")
+	return nil
+}
diff --git a/backend/auth/fortee/generated.go b/backend/auth/fortee/generated.go
new file mode 100644
index 0000000..e2fd920
--- /dev/null
+++ b/backend/auth/fortee/generated.go
@@ -0,0 +1,286 @@
+// Package fortee provides primitives to interact with the openapi HTTP API.
+//
+// Code generated by github.com/oapi-codegen/oapi-codegen/v2 version v2.3.0 DO NOT EDIT.
+package fortee
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"github.com/oapi-codegen/runtime"
+)
+
+// PostLoginFormdataBody defines parameters for PostLogin.
+type PostLoginFormdataBody struct {
+	Password string `form:"password" json:"password"`
+	Username string `form:"username" json:"username"`
+}
+
+// PostLoginFormdataRequestBody defines body for PostLogin for application/x-www-form-urlencoded ContentType.
+type PostLoginFormdataRequestBody PostLoginFormdataBody
+
+// RequestEditorFn  is the function signature for the RequestEditor callback function
+type RequestEditorFn func(ctx context.Context, req *http.Request) error
+
+// Doer performs HTTP requests.
+//
+// The standard http.Client implements this interface.
+type HttpRequestDoer interface {
+	Do(req *http.Request) (*http.Response, error)
+}
+
+// Client which conforms to the OpenAPI3 specification for this service.
+type Client struct {
+	// The endpoint of the server conforming to this interface, with scheme,
+	// https://api.deepmap.com for example. This can contain a path relative
+	// to the server, such as https://api.deepmap.com/dev-test, and all the
+	// paths in the swagger spec will be appended to the server.
+	Server string
+
+	// Doer for performing requests, typically a *http.Client with any
+	// customized settings, such as certificate chains.
+	Client HttpRequestDoer
+
+	// A list of callbacks for modifying requests which are generated before sending over
+	// the network.
+	RequestEditors []RequestEditorFn
+}
+
+// ClientOption allows setting custom parameters during construction
+type ClientOption func(*Client) error
+
+// Creates a new Client, with reasonable defaults
+func NewClient(server string, opts ...ClientOption) (*Client, error) {
+	// create a client with sane default values
+	client := Client{
+		Server: server,
+	}
+	// mutate client and add all optional params
+	for _, o := range opts {
+		if err := o(&client); err != nil {
+			return nil, err
+		}
+	}
+	// ensure the server URL always has a trailing slash
+	if !strings.HasSuffix(client.Server, "/") {
+		client.Server += "/"
+	}
+	// create httpClient, if not already present
+	if client.Client == nil {
+		client.Client = &http.Client{}
+	}
+	return &client, nil
+}
+
+// WithHTTPClient allows overriding the default Doer, which is
+// automatically created using http.Client. This is useful for tests.
+func WithHTTPClient(doer HttpRequestDoer) ClientOption {
+	return func(c *Client) error {
+		c.Client = doer
+		return nil
+	}
+}
+
+// WithRequestEditorFn allows setting up a callback function, which will be
+// called right before sending the request. This can be used to mutate the request.
+func WithRequestEditorFn(fn RequestEditorFn) ClientOption {
+	return func(c *Client) error {
+		c.RequestEditors = append(c.RequestEditors, fn)
+		return nil
+	}
+}
+
+// The interface specification for the client above.
+type ClientInterface interface {
+	// PostLoginWithBody request with any body
+	PostLoginWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	PostLoginWithFormdataBody(ctx context.Context, body PostLoginFormdataRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error)
+}
+
+func (c *Client) PostLoginWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewPostLoginRequestWithBody(c.Server, contentType, body)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) PostLoginWithFormdataBody(ctx context.Context, body PostLoginFormdataRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewPostLoginRequestWithFormdataBody(c.Server, body)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+// NewPostLoginRequestWithFormdataBody calls the generic PostLogin builder with application/x-www-form-urlencoded body
+func NewPostLoginRequestWithFormdataBody(server string, body PostLoginFormdataRequestBody) (*http.Request, error) {
+	var bodyReader io.Reader
+	bodyStr, err := runtime.MarshalForm(body, nil)
+	if err != nil {
+		return nil, err
+	}
+	bodyReader = strings.NewReader(bodyStr.Encode())
+	return NewPostLoginRequestWithBody(server, "application/x-www-form-urlencoded", bodyReader)
+}
+
+// NewPostLoginRequestWithBody generates requests for PostLogin with any type of body
+func NewPostLoginRequestWithBody(server string, contentType string, body io.Reader) (*http.Request, error) {
+	var err error
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/api/user/login")
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("POST", queryURL.String(), body)
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Add("Content-Type", contentType)
+
+	return req, nil
+}
+
+func (c *Client) applyEditors(ctx context.Context, req *http.Request, additionalEditors []RequestEditorFn) error {
+	for _, r := range c.RequestEditors {
+		if err := r(ctx, req); err != nil {
+			return err
+		}
+	}
+	for _, r := range additionalEditors {
+		if err := r(ctx, req); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// ClientWithResponses builds on ClientInterface to offer response payloads
+type ClientWithResponses struct {
+	ClientInterface
+}
+
+// NewClientWithResponses creates a new ClientWithResponses, which wraps
+// Client with return type handling
+func NewClientWithResponses(server string, opts ...ClientOption) (*ClientWithResponses, error) {
+	client, err := NewClient(server, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return &ClientWithResponses{client}, nil
+}
+
+// WithBaseURL overrides the baseURL.
+func WithBaseURL(baseURL string) ClientOption {
+	return func(c *Client) error {
+		newBaseURL, err := url.Parse(baseURL)
+		if err != nil {
+			return err
+		}
+		c.Server = newBaseURL.String()
+		return nil
+	}
+}
+
+// ClientWithResponsesInterface is the interface specification for the client with responses above.
+type ClientWithResponsesInterface interface {
+	// PostLoginWithBodyWithResponse request with any body
+	PostLoginWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*PostLoginResponse, error)
+
+	PostLoginWithFormdataBodyWithResponse(ctx context.Context, body PostLoginFormdataRequestBody, reqEditors ...RequestEditorFn) (*PostLoginResponse, error)
+}
+
+type PostLoginResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON200      *struct {
+		LoggedIn bool `json:"loggedIn"`
+	}
+}
+
+// Status returns HTTPResponse.Status
+func (r PostLoginResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r PostLoginResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// PostLoginWithBodyWithResponse request with arbitrary body returning *PostLoginResponse
+func (c *ClientWithResponses) PostLoginWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*PostLoginResponse, error) {
+	rsp, err := c.PostLoginWithBody(ctx, contentType, body, reqEditors...)
+	if err != nil {
+		return nil, err
+	}
+	return ParsePostLoginResponse(rsp)
+}
+
+func (c *ClientWithResponses) PostLoginWithFormdataBodyWithResponse(ctx context.Context, body PostLoginFormdataRequestBody, reqEditors ...RequestEditorFn) (*PostLoginResponse, error) {
+	rsp, err := c.PostLoginWithFormdataBody(ctx, body, reqEditors...)
+	if err != nil {
+		return nil, err
+	}
+	return ParsePostLoginResponse(rsp)
+}
+
+// ParsePostLoginResponse parses an HTTP response from a PostLoginWithResponse call
+func ParsePostLoginResponse(rsp *http.Response) (*PostLoginResponse, error) {
+	bodyBytes, err := io.ReadAll(rsp.Body)
+	defer func() { _ = rsp.Body.Close() }()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &PostLoginResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200:
+		var dest struct {
+			LoggedIn bool `json:"loggedIn"`
+		}
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON200 = &dest
+
+	}
+
+	return response, nil
+}
diff --git a/backend/gen/gen.go b/backend/gen/gen.go
index 2b39122..81a4005 100644
--- a/backend/gen/gen.go
+++ b/backend/gen/gen.go
@@ -2,5 +2,6 @@ package gen
 
 //go:generate go run github.com/sqlc-dev/sqlc/cmd/sqlc generate
 //go:generate go run github.com/oapi-codegen/oapi-codegen/v2/cmd/oapi-codegen -config oapi-codegen.api-server.yaml ../../openapi/api-server.yaml
+//go:generate go run github.com/oapi-codegen/oapi-codegen/v2/cmd/oapi-codegen -config oapi-codegen.fortee.yaml ../../openapi/fortee.yaml
 //go:generate go run ./api/handler_wrapper_gen.go -i ../api/generated.go -o ../api/handler_wrapper.go
 //go:generate go run ./taskqueue/processor_wrapper_gen.go -i ../taskqueue/tasks.go -o ../taskqueue/processor_wrapper.go
diff --git a/backend/gen/oapi-codegen.fortee.yaml b/backend/gen/oapi-codegen.fortee.yaml
new file mode 100644
index 0000000..3bd5819
--- /dev/null
+++ b/backend/gen/oapi-codegen.fortee.yaml
@@ -0,0 +1,9 @@
+package: fortee
+generate:
+  models: true
+  client: true
+output: ../auth/fortee/generated.go
+output-options:
+  skip-prune: true
+  nullable-type: true
+  name-normalizer: ToCamelCaseWithInitialisms