review-bot/github/client.go

// Package github provides a client for the GitHub API.
// It supports pull request operations, file content retrieval, CI status checks,
// and directory listing for both github.com and GitHub Enterprise.
package github

import (
	"context"
	"errors"
	"fmt"
	"io"
	"net/http"
	"strconv"
	"strings"
	"time"
)

const defaultBaseURL = "https://api.github.com"
const userAgent = "review-bot/1.0"

// maxResponseBytes limits successful response body reads to 10 MiB.
const maxResponseBytes = 10 * 1024 * 1024

// APIError represents an HTTP error response from the GitHub API.
// It carries the status code so callers can distinguish between
// different failure modes (e.g. 404 vs 500).
type APIError struct {
	StatusCode int
	Body       string
}

func (e *APIError) Error() string {
	body := e.Body
	if len(body) > 200 {
		body = body[:200] + "...(truncated)"
	}
	return fmt.Sprintf("HTTP %d: %s", e.StatusCode, body)
}

// IsNotFound reports whether an error is an API 404 response.
func IsNotFound(err error) bool {
	if apiErr, ok := asAPIError(err); ok {
		return apiErr.StatusCode == http.StatusNotFound
	}
	return false
}

// IsUnauthorized reports whether an error is an API 401 response.
func IsUnauthorized(err error) bool {
	if apiErr, ok := asAPIError(err); ok {
		return apiErr.StatusCode == http.StatusUnauthorized
	}
	return false
}

func asAPIError(err error) (*APIError, bool) {
	if err == nil {
		return nil, false
	}
	var target *APIError
	if errors.As(err, &target) {
		return target, true
	}
	return nil, false
}

// Client interacts with the GitHub API.
// A Client is safe for concurrent use by multiple goroutines.
type Client struct {
	baseURL string
	token   string
	http    *http.Client

	// RetryBackoff defines the delays between retry attempts for 429 responses.
	// RetryBackoff[i] is the delay before attempt i+1 (after attempt i fails).
	// If nil, defaults to {1s, 2s}. Set to shorter durations in tests.
	RetryBackoff []time.Duration
}

// NewClient creates a new GitHub API client.
// If baseURL is empty, it defaults to https://api.github.com.
// For GitHub Enterprise, pass the API base URL (e.g. https://github.concur.com/api/v3).
func NewClient(token, baseURL string) *Client {
	if baseURL == "" {
		baseURL = defaultBaseURL
	}
	return &Client{
		baseURL: strings.TrimRight(baseURL, "/"),
		token:   token,
		http: &http.Client{
			Timeout: 30 * time.Second,
			CheckRedirect: func(req *http.Request, via []*http.Request) error {
				// Prevent forwarding Authorization header to different hosts on redirect.
				if len(via) > 0 && req.URL.Host != via[0].URL.Host {
					req.Header.Del("Authorization")
				}
				if len(via) >= 10 {
					return fmt.Errorf("stopped after 10 redirects")
				}
				return nil
			},
		},
	}
}

// SetHTTPClient sets the underlying HTTP client used for requests.
// This is intended for testing to inject mock transports.
func (c *Client) SetHTTPClient(hc *http.Client) {
	c.http = hc
}

// doRequest performs an HTTP request with retry on 429 rate limit responses.
// It respects the Retry-After header when present (capped at maxRetryAfter).
// Transport errors (network failures, context cancellation) are not retried.
func (c *Client) doRequest(ctx context.Context, method, url string, accept string) ([]byte, error) {
	const maxAttempts = 3
	const maxRetryAfter = 120 * time.Second

	var backoff []time.Duration
	if c.RetryBackoff != nil {
		backoff = make([]time.Duration, len(c.RetryBackoff))
		copy(backoff, c.RetryBackoff)
	} else {
		backoff = []time.Duration{1 * time.Second, 2 * time.Second}
	}

	const maxErrorBodyBytes = 64 * 1024

	var lastErr error
	for attempt := 0; attempt < maxAttempts; attempt++ {
		if attempt > 0 {
			var delay time.Duration
			if attempt-1 < len(backoff) {
				delay = backoff[attempt-1]
			}
			if delay > 0 {
				timer := time.NewTimer(delay)
				select {
				case <-timer.C:
				case <-ctx.Done():
					timer.Stop()
					return nil, ctx.Err()
				}
			}
		}

		req, err := http.NewRequestWithContext(ctx, method, url, nil)
		if err != nil {
			return nil, fmt.Errorf("create request: %w", err)
		}
		if c.token != "" {
			req.Header.Set("Authorization", "Bearer "+c.token)
		}
		req.Header.Set("User-Agent", userAgent)
		if accept != "" {
			req.Header.Set("Accept", accept)
		} else {
			req.Header.Set("Accept", "application/vnd.github+json")
		}

		resp, err := c.http.Do(req)
		if err != nil {
			return nil, fmt.Errorf("do request: %w", err)
		}

		if resp.StatusCode >= 200 && resp.StatusCode < 300 {
			body, err := io.ReadAll(io.LimitReader(resp.Body, maxResponseBytes))
			resp.Body.Close()
			if err != nil {
				return nil, fmt.Errorf("read response body: %w", err)
			}
			return body, nil
		}

		errBody, _ := io.ReadAll(io.LimitReader(resp.Body, maxErrorBodyBytes))
		resp.Body.Close()

		lastErr = &APIError{StatusCode: resp.StatusCode, Body: string(errBody)}

		// Retry on 429 rate limit
		if resp.StatusCode == http.StatusTooManyRequests && attempt < maxAttempts-1 {
			// Check for Retry-After header and override backoff if present
			if ra := resp.Header.Get("Retry-After"); ra != "" {
				if seconds, err := strconv.Atoi(ra); err == nil && seconds > 0 {
					delay := time.Duration(seconds) * time.Second
					if delay > maxRetryAfter {
						delay = maxRetryAfter
					}
					if attempt < len(backoff) {
						backoff[attempt] = delay
					}
				}
			}
			continue
		}

		// Don't retry other errors
		return nil, lastErr
	}

	return nil, lastErr
}

// doGet is a convenience wrapper for GET requests with the default Accept header.
func (c *Client) doGet(ctx context.Context, url string) ([]byte, error) {
	return c.doRequest(ctx, http.MethodGet, url, "")
}