Refactor user service and co-relevant services to use transactions

Author: JeethJJ

backend/internal/authn/AuthenticationServiceInterface_mock_test.go

@@ -20,6 +20,8 @@
 package credentials
 
 import (
+	"context"
+
 	"github.com/asgardeo/thunder/internal/authn/common"
 	"github.com/asgardeo/thunder/internal/system/error/serviceerror"
 	"github.com/asgardeo/thunder/internal/system/log"
@@ -32,7 +34,8 @@ const (
 
 // CredentialsAuthnServiceInterface defines the contract for credentials-based authenticator services.
 type CredentialsAuthnServiceInterface interface {
-	Authenticate(attributes map[string]interface{}) (*user.User, *serviceerror.ServiceError)
+	Authenticate(ctx context.Context, attributes map[string]interface{}) (
+		*user.User, *serviceerror.ServiceError)
 }
 
 // credentialsAuthnService is the default implementation of CredentialsAuthnServiceInterface.
@@ -51,7 +54,7 @@ func newCredentialsAuthnService(userSvc user.UserServiceInterface) CredentialsAu
 }
 
 // Authenticate authenticates a user using credentials.
-func (c *credentialsAuthnService) Authenticate(attributes map[string]interface{}) (
+func (c *credentialsAuthnService) Authenticate(ctx context.Context, attributes map[string]interface{}) (
 	*user.User, *serviceerror.ServiceError) {
 	logger := log.GetLogger().With(log.String(log.LoggerKeyComponentName, loggerComponentName))
 	logger.Debug("Authenticating user with credentials")
@@ -61,7 +64,7 @@ func (c *credentialsAuthnService) Authenticate(attributes map[string]interface{}
 	}
 
 	authRequest := user.AuthenticateUserRequest(attributes)
-	authResponse, svcErr := c.userService.AuthenticateUser(authRequest)
+	authResponse, svcErr := c.userService.AuthenticateUser(ctx, authRequest)
 	if svcErr != nil {
 		if svcErr.Type == serviceerror.ClientErrorType {
 			switch svcErr.Code {
@@ -75,13 +78,14 @@ func (c *credentialsAuthnService) Authenticate(attributes map[string]interface{}
 			}
 		}
 
-		logger.Error("Error occurred while authenticating the user", log.String("errorCode", svcErr.Code),
+		logger.Error("Error occurred while authenticating the user",
+			log.String("errorCode", svcErr.Code),
 			log.String("errorDescription", svcErr.ErrorDescription))
 		return nil, &serviceerror.InternalServerError
 	}
 
 	// Fetch the user details
-	user, svcErr := c.userService.GetUser(authResponse.ID)
+	user, svcErr := c.userService.GetUser(ctx, authResponse.ID)
 	if svcErr != nil {
 		if svcErr.Type == serviceerror.ClientErrorType {
 			return nil, serviceerror.CustomServiceError(

backend/internal/authn/credentials/service.go

@@ -19,6 +19,7 @@
 package credentials
 
 import (
+	"context"
 	"testing"
 
 	"github.com/stretchr/testify/mock"
@@ -66,10 +67,10 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateSuccess() {
 		OrganizationUnit: orgUnit,
 	}
 
-	suite.mockUserService.On("AuthenticateUser", mock.Anything).Return(authResp, nil)
-	suite.mockUserService.On("GetUser", userID).Return(user, nil)
+	suite.mockUserService.On("AuthenticateUser", mock.Anything, mock.Anything).Return(authResp, nil)
+	suite.mockUserService.On("GetUser", mock.Anything, userID).Return(user, nil)
 
-	result, err := suite.service.Authenticate(attributes)
+	result, err := suite.service.Authenticate(context.Background(), attributes)
 	suite.Nil(err)
 	suite.NotNil(result)
 	suite.Equal(userID, result.ID)
@@ -96,7 +97,7 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateFailures() {
 				"password": "testpass",
 			},
 			setupMock: func(m *usermock.UserServiceInterfaceMock) {
-				m.On("AuthenticateUser", mock.Anything).Return(nil, &user.ErrorUserNotFound)
+				m.On("AuthenticateUser", mock.Anything, mock.Anything).Return(nil, &user.ErrorUserNotFound)
 			},
 			expectedErrorCode: common.ErrorUserNotFound.Code,
 		},
@@ -107,7 +108,7 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateFailures() {
 				"password": "wrongpass",
 			},
 			setupMock: func(m *usermock.UserServiceInterfaceMock) {
-				m.On("AuthenticateUser", mock.Anything).Return(nil, &user.ErrorAuthenticationFailed)
+				m.On("AuthenticateUser", mock.Anything, mock.Anything).Return(nil, &user.ErrorAuthenticationFailed)
 			},
 			expectedErrorCode: ErrorInvalidCredentials.Code,
 		},
@@ -121,7 +122,7 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateFailures() {
 			}
 			svc := newCredentialsAuthnService(m)
 
-			result, err := svc.Authenticate(tc.attributes)
+			result, err := svc.Authenticate(context.Background(), tc.attributes)
 			suite.Nil(result)
 			suite.NotNil(err)
 			suite.Equal(tc.expectedErrorCode, err.Code)
@@ -150,7 +151,7 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateWithServiceErrors
 					Code:             "INTERNAL_ERROR",
 					ErrorDescription: "Database connection failed",
 				}
-				m.On("AuthenticateUser", mock.Anything).Return(nil, serverErr)
+				m.On("AuthenticateUser", mock.Anything, mock.Anything).Return(nil, serverErr)
 			},
 			expectedErrorCode: serviceerror.InternalServerError.Code,
 		},
@@ -166,7 +167,7 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateWithServiceErrors
 					Code:             "CUSTOM_ERROR",
 					ErrorDescription: "Custom error message",
 				}
-				m.On("AuthenticateUser", mock.Anything).Return(nil, clientErr)
+				m.On("AuthenticateUser", mock.Anything, mock.Anything).Return(nil, clientErr)
 			},
 			expectedErrorCode:  ErrorClientErrorFromUserSvcAuthentication.Code,
 			expectedErrContain: "Custom error message",
@@ -185,8 +186,8 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateWithServiceErrors
 					Code:             "INTERNAL_ERROR",
 					ErrorDescription: "Database connection failed",
 				}
-				m.On("AuthenticateUser", mock.Anything).Return(authResp, nil)
-				m.On("GetUser", userID).Return(nil, serverErr)
+				m.On("AuthenticateUser", mock.Anything, mock.Anything).Return(authResp, nil)
+				m.On("GetUser", mock.Anything, userID).Return(nil, serverErr)
 			},
 			expectedErrorCode: serviceerror.InternalServerError.Code,
 		},
@@ -201,11 +202,11 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateWithServiceErrors
 				authResp := &user.AuthenticateUserResponse{ID: userID}
 				clientErr := &serviceerror.ServiceError{
 					Type:             serviceerror.ClientErrorType,
-					Code:             "CUSTOM_ERROR",
+					Code:             "USER_LOCKED",
 					ErrorDescription: "User locked",
 				}
-				m.On("AuthenticateUser", mock.Anything).Return(authResp, nil)
-				m.On("GetUser", userID).Return(nil, clientErr)
+				m.On("AuthenticateUser", mock.Anything, mock.Anything).Return(authResp, nil)
+				m.On("GetUser", mock.Anything, userID).Return(nil, clientErr)
 			},
 			expectedErrorCode:  ErrorClientErrorFromUserSvcAuthentication.Code,
 			expectedErrContain: "User locked",
@@ -220,7 +221,7 @@ func (suite *CredentialsAuthnServiceTestSuite) TestAuthenticateWithServiceErrors
 			}
 			svc := newCredentialsAuthnService(m)
 
-			result, err := svc.Authenticate(tc.attributes)
+			result, err := svc.Authenticate(context.Background(), tc.attributes)
 			suite.Nil(result)
 			suite.NotNil(err)
 			suite.Equal(tc.expectedErrorCode, err.Code)

backend/internal/authn/credentials/service_test.go

@@ -20,6 +20,7 @@
 package github
 
 import (
+	"context"
 	"slices"
 
 	authncm "github.com/asgardeo/thunder/internal/authn/common"
@@ -64,26 +65,26 @@ func newGithubOAuthAuthnService(idpSvc idp.IDPServiceInterface,
 }
 
 // BuildAuthorizeURL constructs the authorization request URL for GitHub OAuth authentication.
-func (g *githubOAuthAuthnService) BuildAuthorizeURL(idpID string) (string, *serviceerror.ServiceError) {
-	return g.internal.BuildAuthorizeURL(idpID)
+func (g *githubOAuthAuthnService) BuildAuthorizeURL(ctx context.Context, idpID string) (string, *serviceerror.ServiceError) {
+	return g.internal.BuildAuthorizeURL(ctx, idpID)
 }
 
 // ExchangeCodeForToken exchanges the authorization code for a token with GitHub.
-func (g *githubOAuthAuthnService) ExchangeCodeForToken(idpID, code string, validateResponse bool) (
-	*authnoauth.TokenResponse, *serviceerror.ServiceError) {
-	return g.internal.ExchangeCodeForToken(idpID, code, validateResponse)
+func (g *githubOAuthAuthnService) ExchangeCodeForToken(ctx context.Context, idpID, code string,
+	validateResponse bool) (*authnoauth.TokenResponse, *serviceerror.ServiceError) {
+	return g.internal.ExchangeCodeForToken(ctx, idpID, code, validateResponse)
 }
 
 // FetchUserInfo retrieves user information from the Github API, ensuring email resolution if necessary.
-func (g *githubOAuthAuthnService) FetchUserInfo(idpID, accessToken string) (
+func (g *githubOAuthAuthnService) FetchUserInfo(ctx context.Context, idpID, accessToken string) (
 	map[string]interface{}, *serviceerror.ServiceError) {
 	logger := g.logger
-	oAuthClientConfig, svcErr := g.internal.GetOAuthClientConfig(idpID)
+	oAuthClientConfig, svcErr := g.internal.GetOAuthClientConfig(ctx, idpID)
 	if svcErr != nil {
 		return nil, svcErr
 	}
 
-	userInfo, svcErr := g.internal.FetchUserInfoWithClientConfig(oAuthClientConfig, accessToken)
+	userInfo, svcErr := g.internal.FetchUserInfoWithClientConfig(ctx, oAuthClientConfig, accessToken)
 	if svcErr != nil {
 		return userInfo, svcErr
 	}
@@ -148,14 +149,14 @@ func (g *githubOAuthAuthnService) fetchPrimaryEmail(
 }
 
 // GetInternalUser retrieves the internal user based on the external subject identifier.
-func (g *githubOAuthAuthnService) GetInternalUser(sub string) (*user.User, *serviceerror.ServiceError) {
-	return g.internal.GetInternalUser(sub)
+func (g *githubOAuthAuthnService) GetInternalUser(ctx context.Context, sub string) (*user.User, *serviceerror.ServiceError) {
+	return g.internal.GetInternalUser(ctx, sub)
 }
 
 // GetOAuthClientConfig retrieves and validates the OAuth client configuration for the given identity provider ID.
-func (g *githubOAuthAuthnService) GetOAuthClientConfig(idpID string) (
+func (g *githubOAuthAuthnService) GetOAuthClientConfig(ctx context.Context, idpID string) (
 	*authnoauth.OAuthClientConfig, *serviceerror.ServiceError) {
-	return g.internal.GetOAuthClientConfig(idpID)
+	return g.internal.GetOAuthClientConfig(ctx, idpID)
 }
 
 // getMetadata returns the authenticator metadata for GitHub OAuth authenticator.