From 35b4c0c284adcd44c05ae332e3053b194a6c06f3 Mon Sep 17 00:00:00 2001
From: jSasaki
Date: Fri, 7 Nov 2025 10:50:13 +0900
Subject: [PATCH 1/3] fix: use associative array and FETCH_RESPONSE in refresh endpoint
---
 app/Http/Controllers/IndexController.php | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/app/Http/Controllers/IndexController.php b/app/Http/Controllers/IndexController.php
index ff7c11f..47bf703 100644
--- a/app/Http/Controllers/IndexController.php
+++ b/app/Http/Controllers/IndexController.php
@@ -34,14 +34,15 @@ public function refresh(Request $request)
 try {
 $authClient = $this->client->getAuthClient();
- $response = $authClient->getAuthCredentials([
- '',
- 'refreshTokenAuth',
- $refreshToken
- ]);
-
- return response()->json($response->getBody());
+ $res = $authClient->getAuthCredentials([
+ 'auth-flow' => 'refreshTokenAuth',
+ 'refresh-token' => $refreshToken
+ ], $authClient::FETCH_RESPONSE);
+
+ $body = json_decode($res->getBody(), true);
+ return response()->json($body, Response::HTTP_OK);
 } catch (\Exception $e) {
+ Log::error($e->getMessage());
 return response('Error occurred', Response::HTTP_INTERNAL_SERVER_ERROR);
 }
 }
From 6b56ef55f4fc1d89ee854e13b9c878f32ebe783e Mon Sep 17 00:00:00 2001
From: jSasaki
Date: Fri, 7 Nov 2025 12:12:36 +0900
Subject: [PATCH 2/3] migrate credentials endpoint from SDK controller to IndexController
---
 app/Http/Controllers/IndexController.php | 21 +++++++++++++++++++++
 routes/api.php | 5 ++---
 2 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/app/Http/Controllers/IndexController.php b/app/Http/Controllers/IndexController.php
index 47bf703..4343015 100644
--- a/app/Http/Controllers/IndexController.php
+++ b/app/Http/Controllers/IndexController.php
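Review bot: In refresh() (PATCH 1/3), the new success path answers `Response::HTTP_OK` with whatever body the auth API sent, without looking at the upstream status. With `$authClient::FETCH_RESPONSE` the call presumably returns the raw response instead of a parsed model, so a rejected or expired refresh token would likely not raise an exception and its error body would reach the browser as a 200; a non-JSON body, where `json_decode()` yields `null`, is relayed the same way. Checking `$res->getStatusCode()` and the decode result before responding closes that gap; the status mapping below is only a suggestion. The same pattern is added in credentials() in PATCH 2/3. refresh() starts above this hunk.

```php
            ], $authClient::FETCH_RESPONSE);

            $status = $res->getStatusCode();
            if ($status < 200 || $status >= 300) {
                Log::warning('refresh: auth API returned HTTP ' . $status);
                return response('Error occurred', $status >= 500
                    ? Response::HTTP_BAD_GATEWAY
                    : Response::HTTP_UNAUTHORIZED);
            }

            $body = json_decode((string) $res->getBody(), true);
            if (!is_array($body)) {
                return response('Error occurred', Response::HTTP_BAD_GATEWAY);
            }
            return response()->json($body, Response::HTTP_OK);
            // … unchanged: catch block …
```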
@@ -24,6 +24,27 @@ public function __construct()
 $this->client = new \AntiPatternInc\Saasus\Api\Client();
 }
+ public function credentials(Request $request)
+ {
+ if (empty($request->code)) {
+ return response()->json('code is not provided by query parameter', Response::HTTP_BAD_REQUEST);
+ }
+
+ try {
+ $authClient = $this->client->getAuthClient();
+ $res = $authClient->getAuthCredentials([
+ 'code' => $request->code,
+ 'auth-flow' => 'tempCodeAuth',
+ ], $authClient::FETCH_RESPONSE);
+
+ $body = json_decode($res->getBody(), true);
+ return response()->json($body, Response::HTTP_OK);
+ } catch (\Exception $e) {
+ Log::error($e->getMessage());
+ return response()->json(['detail' => 'Error occurred'], Response::HTTP_INTERNAL_SERVER_ERROR);
+ }
+ }
+
 public function refresh(Request $request)
 {
 // リフレッシュトークンを取得
diff --git a/routes/api.php b/routes/api.php
index 191b3cf..5540d94 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -4,7 +4,6 @@
 use Illuminate\Support\Facades\Route;
 use App\Http\Controllers\IndexController;
 use App\Http\Controllers\BillingController;
-use AntiPatternInc\Saasus\Laravel\Controllers\CallbackApiController;
 /*
 |--------------------------------------------------------------------------
 | API Routes
@@ -16,8 +15,8 @@
 |
 */
-// 一時コードからIDトークンなどの認証情報を取得するコントローラを登録
-Route::get('/credentials', [CallbackApiController::class, 'index']);
+// 一時コードからIDトークンなどの認証情報を取得
+Route::get('/credentials', [IndexController::class, 'credentials']);
 Route::get('/refresh', [IndexController::class, 'refresh']);
 // SaaSus SDK標準のAuth Middlewareを利用する
From f4ca3b3e64491ff495eb4878018eb06a8d799e39 Mon Sep 17 00:00:00 2001
From: jSasaki
Date: Fri, 7 Nov 2025 15:32:02 +0900
Subject: [PATCH 3/3] use Laravel validation and unify JSON error responses
---
 app/Http/Controllers/IndexController.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/app/Http/Controllers/IndexController.php b/app/Http/Controllers/IndexController.php
index 4343015..3a28b00 100644
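Review bot: credentials() (PATCH 2/3) returns the ID token and the other credentials on a GET route with no explicit cache directive, so whether a browser or an intermediary may store that response is left to framework defaults. Token responses are normally marked non-storable; consider `return response()->json($body, Response::HTTP_OK)->header('Cache-Control', 'no-store');` here and on the matching line in refresh(). Also, `$request->code` goes through the request's dynamic property lookup rather than the query string the error message refers to; `$request->query('code')` pins the source to the query parameter.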
--- a/app/Http/Controllers/IndexController.php
+++ b/app/Http/Controllers/IndexController.php
@@ -26,9 +26,9 @@ public function __construct()
 public function credentials(Request $request)
 {
- if (empty($request->code)) {
- return response()->json('code is not provided by query parameter', Response::HTTP_BAD_REQUEST);
- }
+ $request->validate([
+ 'code' => 'required|string'
+ ]);
 try {
 $authClient = $this->client->getAuthClient();
@@ -50,7 +50,7 @@ public function refresh(Request $request)
 // リフレッシュトークンを取得
 $refreshToken = $request->cookie('SaaSusRefreshToken');
 if (!is_string($refreshToken)) {
- return response('Refresh token not found', Response::HTTP_BAD_REQUEST);
+ return response()->json(['detail' => 'Refresh token not found'], Response::HTTP_BAD_REQUEST);
 }
 try {
@@ -64,7 +64,7 @@ public function refresh(Request $request)
 return response()->json($body, Response::HTTP_OK);
 } catch (\Exception $e) {
 Log::error($e->getMessage());
- return response('Error occurred', Response::HTTP_INTERNAL_SERVER_ERROR);
+ return response()->json(['detail' => 'Error occurred'], Response::HTTP_INTERNAL_SERVER_ERROR);
 }
 }
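Review bot: `$request->validate()` in credentials() (first hunk of PATCH 3/3) does not produce the `['detail' => …]` shape this commit standardises on: a failed rule throws a ValidationException outside the try block, which Laravel by default renders as a 422 with `message`/`errors`, or as a redirect when the request does not ask for JSON. Callers that relied on the previous 400 will see a different status. To keep one error format, mirror the check refresh() uses: `$code = $request->query('code');` then `if (!is_string($code) || $code === '') { return response()->json(['detail' => 'code is required'], Response::HTTP_BAD_REQUEST); }`, and pass `$code` to getAuthCredentials(). If the 422 is intended, a one-line comment saying so would help. credentials() continues below this hunk.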