crspybits/AppleSignInCreds+Refresh.swift

## AppleSignInCreds+Refresh.swift
/// Validate the given refresh token. This does *not* generate a new id token-- the API returns an updated *access token*, which Apple doesn't define a use for (and we don't save).
/// On success, updates the lastRefreshTokenValidation.
func validateRefreshToken(refreshToken: String, completion: @escaping (Swift.Error?) -> ()) {
    self.refreshToken = refreshToken

    let clientSecret:String
    do {
        clientSecret = try createClientSecret()
    } catch let error {
        completion(error)
        return
    }

    let bodyParameters = "client_id=\(config.clientId)" + "&" +
        "client_secret=\(clientSecret)" + "&" +
        "refresh_token=\(refreshToken)" + "&" +
        "grant_type=refresh_token"

    let additionalHeaders = ["Content-Type": "application/x-www-form-urlencoded"]

    apiCall(method: "POST", path: "/auth/token", additionalHeaders:additionalHeaders, body: .string(bodyParameters), expectedSuccessBody: .data) {[weak self] apiResult, statusCode, responseHeaders in
        guard let self = self else {
            completion(GenerateTokensError.couldNotGetSelf)
            return
        }

        guard statusCode == HTTPStatusCode.OK else {
            completion(GenerateTokensError.badStatusCode(statusCode))
            return
        }

        guard apiResult != nil else {
            completion(GenerateTokensError.nilAPIResult)
            return
        }

        guard case .data(let data) = apiResult else {
            completion(GenerateTokensError.noDataInAPIResult)
            return
        }

        let decoder = JSONDecoder()
        do {
            _ = try decoder.decode(RefreshIdTokenResult.self, from: data)
        } catch let error {
            Log.error("\(error)")
            completion(GenerateTokensError.couldNotDecodeResult)
            return
        }

        self.lastRefreshTokenValidation = Date()

        guard let delegate = self.delegate else {
            Log.warning("No delegate!")
            completion(nil)
            return
        }

        guard delegate.saveToDatabase(account: self) else {
            completion(GenerateTokensError.errorSavingCredsToDatabase)
            return
        }

        completion(nil)
    }
}
	/// Validate the given refresh token. This does not generate a new id token-- the API returns an updated access token, which Apple doesn't define a use for (and we don't save).
	/// On success, updates the lastRefreshTokenValidation.
	func validateRefreshToken(refreshToken: String, completion: @escaping (Swift.Error?) -> ()) {
	self.refreshToken = refreshToken

	let clientSecret:String
	do {
	clientSecret = try createClientSecret()
	} catch let error {
	completion(error)
	return
	}

	let bodyParameters = "client_id=\(config.clientId)" + "&" +
	"client_secret=\(clientSecret)" + "&" +
	"refresh_token=\(refreshToken)" + "&" +
	"grant_type=refresh_token"

	let additionalHeaders = ["Content-Type": "application/x-www-form-urlencoded"]

	apiCall(method: "POST", path: "/auth/token", additionalHeaders:additionalHeaders, body: .string(bodyParameters), expectedSuccessBody: .data) {[weak self] apiResult, statusCode, responseHeaders in
	guard let self = self else {
	completion(GenerateTokensError.couldNotGetSelf)
	return
	}

	guard statusCode == HTTPStatusCode.OK else {
	completion(GenerateTokensError.badStatusCode(statusCode))
	return
	}

	guard apiResult != nil else {
	completion(GenerateTokensError.nilAPIResult)
	return
	}

	guard case .data(let data) = apiResult else {
	completion(GenerateTokensError.noDataInAPIResult)
	return
	}

	let decoder = JSONDecoder()
	do {
	_ = try decoder.decode(RefreshIdTokenResult.self, from: data)
	} catch let error {
	Log.error("\(error)")
	completion(GenerateTokensError.couldNotDecodeResult)
	return
	}

	self.lastRefreshTokenValidation = Date()

	guard let delegate = self.delegate else {
	Log.warning("No delegate!")
	completion(nil)
	return
	}

	guard delegate.saveToDatabase(account: self) else {
	completion(GenerateTokensError.errorSavingCredsToDatabase)
	return
	}

	completion(nil)
	}
	}