feat: apply CodeRabbit's suggestions

Author: i-meant-to-be

app/src/main/java/com/debatetimer/app/data/model/TokenBundle.kt

@@ -6,4 +6,8 @@ import kotlinx.serialization.Serializable
 data class TokenBundle(
     val accessToken: String,
     val refreshToken: String,
-)
+) {
+    override fun toString(): String {
+        return "TokenBundle(accessToken='***', refreshToken='***')"
+    }
+}

app/src/main/java/com/debatetimer/app/data/repo/TokenRepo.kt

@@ -3,6 +3,6 @@ package com.debatetimer.app.data.repo
 import com.debatetimer.app.data.model.TokenBundle
 
 interface TokenRepo {
-    suspend fun getTokens(): Result<TokenBundle>
-    suspend fun saveTokens(bundle: TokenBundle): Result<Boolean>
+    suspend fun getTokens(): Result<TokenBundle?>
+    suspend fun saveTokens(bundle: TokenBundle): Result<Unit>
 }

app/src/main/java/com/debatetimer/app/data/repo/TokenRepoImpl.kt

@@ -7,6 +7,7 @@ import com.debatetimer.app.data.model.TokenBundle
 import com.debatetimer.app.data.serializer.tokenDataStore
 import com.debatetimer.app.util.crypto.CryptoManager
 import com.google.gson.Gson
+import com.google.gson.JsonSyntaxException
 import com.google.protobuf.kotlin.toByteString
 import dagger.hilt.android.qualifiers.ApplicationContext
 import kotlinx.coroutines.flow.first
@@ -17,41 +18,53 @@ class TokenRepoImpl @Inject constructor(
     private val cryptoManager: CryptoManager
 ) :
     TokenRepo {
+    companion object {
+        private val gson = Gson().newBuilder()
+            .disableHtmlEscaping()
+            .create()
+    }
+
     private val tokenDataStore: DataStore<EncryptedTokens> = context.tokenDataStore
 
-    private suspend fun getBundle(): TokenBundle? {
+    override suspend fun getTokens(): Result<TokenBundle?> {
         try {
             val encryptedTokens = tokenDataStore.data.first()
+
+            if (encryptedTokens.encryptedTokenBundle.isEmpty || encryptedTokens.initializationVector.isEmpty) {
+                return Result.success(null)
+            }
+
             val ciphertext = encryptedTokens.encryptedTokenBundle.toByteArray()
             val iv = encryptedTokens.initializationVector.toByteArray()
             val decryptedTokens = cryptoManager.decrypt(ciphertext, iv)
 
-            return Gson().fromJson(decryptedTokens, TokenBundle::class.java)
-        } catch (_: NoSuchElementException) {
-            return null
-        } catch (e: Exception) {
-            throw e
-        }
-    }
-
-    override suspend fun getTokens(): Result<TokenBundle> {
-        try {
-            val bundle = getBundle()
+            val bundle = gson.fromJson(decryptedTokens, TokenBundle::class.java)
 
             return if (bundle != null) {
                 Result.success(bundle)
             } else {
                 Result.failure(NoSuchElementException())
             }
+        } catch (_: NoSuchElementException) {
+            return Result.success(null)
+        } catch (e: JsonSyntaxException) {
+            return Result.failure(IllegalStateException("Corrupted token data", e))
         } catch (e: Exception) {
             return Result.failure(e)
         }
     }
 
-    override suspend fun saveTokens(bundle: TokenBundle): Result<Boolean> {
+    override suspend fun saveTokens(bundle: TokenBundle): Result<Unit> {
         try {
+            require(bundle.accessToken.isNotBlank())
+            require(bundle.refreshToken.isNotBlank())
+
             tokenDataStore.updateData { current ->
-                val serializedBundle = Gson().toJson(bundle)
+                val serializedBundle = try {
+                    gson.toJson(bundle)
+                } catch (e: Exception) {
+                    throw IllegalStateException("Failed to serialize token bundle", e)
+                }
                 val encryptionOutput = cryptoManager.encrypt(serializedBundle)
 
                 current.toBuilder()
@@ -60,7 +73,7 @@ class TokenRepoImpl @Inject constructor(
                     .build()
             }
 
-            return Result.success(true)
+            return Result.success(Unit)
         } catch (e: Exception) {
             return Result.failure(e)
         }

app/src/main/java/com/debatetimer/app/util/crypto/CryptoManager.kt

@@ -1,6 +1,21 @@
 package com.debatetimer.app.util.crypto
 
+/**
+ * 토큰의 암호화 및 복호화를 담당하는 인터페이스
+ */
 interface CryptoManager {
+    /**
+     * 평문을 암호화합니다.
+     * @param plainText 암호화 할 평문
+     * @return 암호화된 암호문와 IV의 Pair
+     */
     fun encrypt(plainText: String): Pair<ByteArray, ByteArray>
+
+    /**
+     * 암호문을 평문으로 복호화합니다.
+     * @param encryptedText 복호화 할 암호문
+     * @param iv IV
+     * @return 복호화된 평문
+     */
     fun decrypt(encryptedText: ByteArray, iv: ByteArray): String
 }

app/src/main/java/com/debatetimer/app/util/crypto/CryptoManagerImpl.kt

@@ -22,8 +22,14 @@ class CryptoManagerImpl @Inject constructor() : CryptoManager {
     }
 
     // Keystore instance
-    private val keyStore = KeyStore.getInstance(ANDROID_KEYSTORE).apply {
-        load(null)
+    private val keyStore by lazy {
+        try {
+            KeyStore.getInstance(ANDROID_KEYSTORE).apply {
+                load(null)
+            }
+        } catch (e: Exception) {
+            throw RuntimeException("Failed to load Android KeyStore", e)
+        }
     }
 
     /**
@@ -56,25 +62,36 @@ class CryptoManagerImpl @Inject constructor() : CryptoManager {
     }
 
     override fun encrypt(plainText: String): Pair<ByteArray, ByteArray> {
+        // 0. Check whether plainText is not empty
+        require(plainText.isNotEmpty()) { "Plain text cannot be empty" }
+
         // 1. Load cipher instance
         val cipher = Cipher.getInstance(TRANSFORMATION)
 
         // 2. Init cipher with encryption mode
         cipher.init(Cipher.ENCRYPT_MODE, getOrCreateKey())
 
         // 3. Return encrypted text and IV
-        return Pair(cipher.doFinal(plainText.toByteArray()), cipher.iv)
+        return Pair(cipher.doFinal(plainText.toByteArray(charset = Charsets.UTF_8)), cipher.iv)
     }
 
     override fun decrypt(encryptedText: ByteArray, iv: ByteArray): String {
-        // 1. Load cipher instance and prepare variables
-        val cipher = Cipher.getInstance(TRANSFORMATION)
-        val spec = GCMParameterSpec(128, iv)
+        require(encryptedText.isNotEmpty()) { "Encrypted text cannot be empty" }
+        require(iv.isNotEmpty()) { "IV cannot be empty" }
+        require(iv.size == 12) { "IV must be 12 bytes" }
 
-        // 2. Init cipher with decryption mode
-        cipher.init(Cipher.DECRYPT_MODE, getOrCreateKey(), spec)
+        try {
+            // 1. Load cipher instance and prepare variables
+            val cipher = Cipher.getInstance(TRANSFORMATION)
+            val spec = GCMParameterSpec(128, iv)
 
-        // 3. Return decrypted text
-        return String(cipher.doFinal(encryptedText), Charsets.UTF_8)
+            // 2. Init cipher with decryption mode
+            cipher.init(Cipher.DECRYPT_MODE, getOrCreateKey(), spec)
+
+            // 3. Return decrypted text
+            return String(cipher.doFinal(encryptedText), Charsets.UTF_8)
+        } catch (e: Exception) {
+            throw RuntimeException("Failed to decrypt data", e)
+        }
     }
 }

app/src/main/proto/encrypted_tokens.proto

@@ -1,5 +1,7 @@
 syntax = "proto3";
 
+package com.debatetimer.app.data;
+
 option java_package = "com.debatetimer.app";
 option java_multiple_files = true;