[autofix.ci] apply automated fixes

autofix-ci[bot] · web-flow · commit 81b782f8c6ec · 2025-08-18T02:45:38.000Z
diff --git a/ee/tabby-webserver/src/oauth/general.rs b/ee/tabby-webserver/src/oauth/general.rs
@@ -1,31 +1,17 @@
-use std::sync::{Arc, LazyLock, Mutex};
+use std::{
+    collections::HashMap,
+    sync::{Arc, LazyLock, Mutex},
+};
 
-use anyhow::anyhow;
-use anyhow::Result;
+use anyhow::{anyhow, Result};
 use async_trait::async_trait;
 use cached::{proc_macro::cached, TimedCache};
 use openidconnect::{
-    AccessTokenHash,
-    AuthorizationCode,
-    CsrfToken,
-    ClientId,
-    ClientSecret,
-    IssuerUrl,
-    Nonce,
-    OAuth2TokenResponse,
-    PkceCodeChallenge,
-    PkceCodeVerifier,
-    RedirectUrl,
-    TokenResponse,
-};
-use openidconnect::core::{
-    CoreAuthenticationFlow,
-    CoreClient,
-    CoreProviderMetadata,
-    CoreUserInfoClaims,
+    core::{CoreAuthenticationFlow, CoreClient, CoreProviderMetadata, CoreUserInfoClaims},
+    AccessTokenHash, AuthorizationCode, ClientId, ClientSecret, CsrfToken, IssuerUrl, Nonce,
+    OAuth2TokenResponse, PkceCodeChallenge, PkceCodeVerifier, RedirectUrl, TokenResponse,
 };
 use serde::Deserialize;
-use std::collections::HashMap;
 use tabby_schema::auth::{AuthenticationService, OAuthCredential, OAuthProvider};
 
 use super::OAuthClient;
@@ -42,9 +28,8 @@ pub struct OAuthRequest {
     pub pkce_verifier: String,
 }
 
-static AUTH_REQS: LazyLock<Mutex<HashMap<String, OAuthRequest>>> = LazyLock::new(|| {
-    Mutex::new(HashMap::new())
-});
+static AUTH_REQS: LazyLock<Mutex<HashMap<String, OAuthRequest>>> =
+    LazyLock::new(|| Mutex::new(HashMap::new()));
 
 impl GeneralClient {
     pub fn new(auth: Arc<dyn AuthenticationService>) -> Self {
@@ -65,7 +50,7 @@ impl GeneralClient {
         }
     }
 
-    async fn retrieve_provider_metadata( &self, config_url: String) -> Option<CoreProviderMetadata> {
+    async fn retrieve_provider_metadata(&self, config_url: String) -> Option<CoreProviderMetadata> {
         retrieve_provider_metadata(config_url).await
     }
 }
@@ -98,14 +83,15 @@ impl OAuthClient for GeneralClient {
 
         let client = reqwest::Client::new();
         let pkce_verifier = PkceCodeVerifier::new(auth_req.pkce_verifier.clone());
-        let token_response = oidc_client.exchange_code(AuthorizationCode::new(code))?
+        let token_response = oidc_client
+            .exchange_code(AuthorizationCode::new(code))?
             .set_pkce_verifier(pkce_verifier)
             .request_async(&client)
             .await?;
 
         let id_token = token_response
-          .id_token()
-          .ok_or_else(|| anyhow!("Invalid authentication token"))?;
+            .id_token()
+            .ok_or_else(|| anyhow!("Invalid authentication token"))?;
 
         let id_token_verifier = oidc_client.id_token_verifier();
         let nonce = Nonce::new(auth_req.nonce.clone());
@@ -118,31 +104,29 @@ impl OAuthClient for GeneralClient {
                 id_token.signing_key(&id_token_verifier)?,
             )?;
             if actual_access_token_hash != *expected_access_token_hash {
-               bail!("Invalid access token");
+                bail!("Invalid access token");
             }
         }
 
         let access_token = token_response.access_token().secret().to_string();
 
         // Get User info
-        let user_info_response = oidc_client.user_info(token_response.access_token().to_owned(), None)?
-            .request_async(&client).await;
+        let user_info_response = oidc_client
+            .user_info(token_response.access_token().to_owned(), None)?
+            .request_async(&client)
+            .await;
 
         let mut user_info = self.user_info.lock().unwrap();
-        *user_info = match user_info_response {
-            Ok(user_info) => Some(user_info),
-            Err(_err) => None,
-        };
+        *user_info = user_info_response.ok();
 
         Ok(access_token)
     }
 
     async fn fetch_user_email(&self, _access_token: &str) -> Result<String> {
         let user_info = self.user_info.lock().unwrap();
         match &*user_info {
-            Some(user_info) =>{
-                let end_user_email = user_info.email().unwrap()
-                    .to_owned();
+            Some(user_info) => {
+                let end_user_email = user_info.email().unwrap().to_owned();
                 let email = end_user_email.to_string();
                 Ok(email)
             }
@@ -154,8 +138,7 @@ impl OAuthClient for GeneralClient {
         let user_info = self.user_info.lock().unwrap();
         match &*user_info {
             Some(user_info) => {
-                let end_user_full_name = user_info.name().unwrap()
-                    .to_owned();
+                let end_user_full_name = user_info.name().unwrap().to_owned();
                 let full_name = end_user_full_name.get(None).unwrap().to_string();
                 Ok(full_name)
             }
@@ -171,16 +154,16 @@ impl OAuthClient for GeneralClient {
         };
         let provider_metadata = self.retrieve_provider_metadata(config_url).await.unwrap();
 
-        let redirect_uri = RedirectUrl::new(
-            self.auth.oauth_callback_url(OAuthProvider::General).await?
-        )?;
+        let redirect_uri =
+            RedirectUrl::new(self.auth.oauth_callback_url(OAuthProvider::General).await?)?;
         let scopes_supported = provider_metadata.scopes_supported().unwrap().clone();
 
         let oidc_client = CoreClient::from_provider_metadata(
             provider_metadata,
             ClientId::new(credential.client_id),
             Some(ClientSecret::new(credential.client_secret)),
-        ).set_redirect_uri(redirect_uri);
+        )
+        .set_redirect_uri(redirect_uri);
 
         let (pkce_challenge, pkce_verifier) = PkceCodeChallenge::new_random_sha256();
 
@@ -203,7 +186,7 @@ impl OAuthClient for GeneralClient {
         let (auth_uri, csrf_token, nonce) = authorization_request.url();
         let auth_req = OAuthRequest {
             nonce: nonce.secret().clone(),
-            pkce_verifier: pkce_verifier.into_secret()
+            pkce_verifier: pkce_verifier.into_secret(),
         };
 
         let mut auth_reqs = AUTH_REQS.lock().unwrap();
@@ -213,20 +196,15 @@ impl OAuthClient for GeneralClient {
     }
 }
 
-
 #[cached(
     type = "TimedCache<String, Option<CoreProviderMetadata>>",
     create = "{ TimedCache::with_lifespan(3600 * 12) }"
 )]
 async fn retrieve_provider_metadata(config_url: String) -> Option<CoreProviderMetadata> {
     let client = reqwest::Client::new();
-    let provider_metadata = CoreProviderMetadata::discover_async(
-        IssuerUrl::new(config_url).ok().unwrap(),
-        &client,
-    ).await;
-
-    match provider_metadata {
-        Ok(provider_metadata) => Some(provider_metadata),
-        Err(_) => None,
-    }
+    let provider_metadata =
+        CoreProviderMetadata::discover_async(IssuerUrl::new(config_url).ok().unwrap(), &client)
+            .await;
+
+    provider_metadata.ok()
 }
diff --git a/ee/tabby-webserver/src/oauth/github.rs b/ee/tabby-webserver/src/oauth/github.rs
@@ -93,7 +93,11 @@ impl GithubClient {
 
 #[async_trait]
 impl OAuthClient for GithubClient {
-    async fn exchange_code_for_token(&self, code: String, _state: Option<String>) -> Result<String> {
+    async fn exchange_code_for_token(
+        &self,
+        code: String,
+        _state: Option<String>,
+    ) -> Result<String> {
         let credentials = self.read_credential().await?;
         let token_resp = self.exchange_access_token(code, credentials).await?;
         if !token_resp.error.is_empty() {
diff --git a/ee/tabby-webserver/src/oauth/gitlab.rs b/ee/tabby-webserver/src/oauth/gitlab.rs
@@ -97,7 +97,11 @@ impl GitlabClient {
 
 #[async_trait]
 impl OAuthClient for GitlabClient {
-    async fn exchange_code_for_token(&self, code: String, _state: Option<String>) -> Result<String> {
+    async fn exchange_code_for_token(
+        &self,
+        code: String,
+        _state: Option<String>,
+    ) -> Result<String> {
         let credentials = self.read_credential().await?;
         let redirect_uri = self.auth.oauth_callback_url(OAuthProvider::Gitlab).await?;
         let token_resp = self
diff --git a/ee/tabby-webserver/src/oauth/google.rs b/ee/tabby-webserver/src/oauth/google.rs
@@ -98,7 +98,11 @@ impl GoogleClient {
 
 #[async_trait]
 impl OAuthClient for GoogleClient {
-    async fn exchange_code_for_token(&self, code: String, _state: Option<String>) -> Result<String> {
+    async fn exchange_code_for_token(
+        &self,
+        code: String,
+        _state: Option<String>,
+    ) -> Result<String> {
         let credential = self.read_credential().await?;
         let redirect_uri = self.auth.oauth_callback_url(OAuthProvider::Google).await?;
         let token_resp = self
diff --git a/ee/tabby-webserver/src/routes/oauth.rs b/ee/tabby-webserver/src/routes/oauth.rs
@@ -137,7 +137,9 @@ async fn general_oauth_handler(
 ) -> Redirect {
     match_auth_result(
         OAuthProvider::General,
-        state.oauth(param.code, param.state, OAuthProvider::General).await,
+        state
+            .oauth(param.code, param.state, OAuthProvider::General)
+            .await,
     )
 }
 

Original file line number	Diff line number	Diff line change
`@@ -137,7 +137,9 @@ async fn general_oauth_handler(`
`137`	`137`	`) -> Redirect {`
`138`	`138`	`match_auth_result(`
`139`	`139`	`OAuthProvider::General,`
`140`		`- state.oauth(param.code, param.state, OAuthProvider::General).await,`
	`140`	`+ state`
	`141`	`+ .oauth(param.code, param.state, OAuthProvider::General)`
	`142`	`+ .await,`
`141`	`143`	`)`
`142`	`144`	`}`
`143`	`145`