refactor: split rotation check helpers

ariadne/services/firefly.py

@@ -462,6 +462,30 @@ def _build_sync_input(user: dict[str, Any]) -> FireflySyncInput | UserSyncOutcom
     )
 
 
+def _rotation_result(status: str, detail: str = "", rotated: bool | None = None) -> dict[str, Any]:
+    result = {"status": status}
+    if status == "ok":
+        result["rotated"] = bool(rotated)
+    elif detail:
+        result["detail"] = detail
+    return result
+
+
+def _rotation_check_input(username: str) -> tuple[FireflySyncInput | UserSyncOutcome | None, str]:
+    if not username:
+        return None, "missing username"
+    if not keycloak_admin.ready():
+        return None, "keycloak admin not configured"
+    user = keycloak_admin.find_user(username)
+    if not isinstance(user, dict):
+        return None, "user not found"
+    user_id = user.get("id") if isinstance(user.get("id"), str) else ""
+    if not user_id:
+        return None, "missing user id"
+    full = keycloak_admin.get_user(user_id)
+    return _build_sync_input(full), ""
+
+
 class FireflyService:
     def __init__(self) -> None:
         self._executor = PodExecutor(
@@ -471,49 +495,20 @@ class FireflyService:
         )
 
     def check_rotation_for_user(self, username: str) -> dict[str, Any]:
-        username = (username or "").strip()
+        cleaned = (username or "").strip()
-        status = "error"
+        prepared, error = _rotation_check_input(cleaned)
-        detail = ""
+        if error:
-        rotated = None
+            return _rotation_result("error", error)
-        if not username:
+        if isinstance(prepared, UserSyncOutcome):
-            detail = "missing username"
+            if prepared.status == "skipped":
-        elif not keycloak_admin.ready():
+                return _rotation_result("ok", rotated=False)
-            detail = "keycloak admin not configured"
+            return _rotation_result("error", prepared.detail or "")
-        else:
+        outcome = self._rotation_outcome(prepared)
-            user = keycloak_admin.find_user(username)
+        if outcome.status == "synced":
-            if not isinstance(user, dict):
+            return _rotation_result("ok", rotated=True)
-                detail = "user not found"
+        if outcome.status == "skipped":
-            else:
+            return _rotation_result("ok", rotated=False)
-                user_id = user.get("id") if isinstance(user.get("id"), str) else ""
+        return _rotation_result("error", outcome.detail or "rotation check failed")
-                if not user_id:
-                    detail = "missing user id"
-                else:
-                    full = keycloak_admin.get_user(user_id)
-                    prepared = _build_sync_input(full)
-                    if isinstance(prepared, UserSyncOutcome):
-                        if prepared.status == "skipped":
-                            status = "ok"
-                            rotated = False
-                        else:
-                            status = prepared.status
-                            detail = prepared.detail or ""
-                    else:
-                        outcome = self._rotation_outcome(prepared)
-                        if outcome.status == "synced":
-                            status = "ok"
-                            rotated = True
-                        elif outcome.status == "skipped":
-                            status = "ok"
-                            rotated = False
-                        else:
-                            detail = outcome.detail or "rotation check failed"
-
-        result = {"status": status}
-        if status == "ok":
-            result["rotated"] = bool(rotated)
-        elif detail:
-            result["detail"] = detail
-        return result
 
     def sync_user(self, email: str, password: str, wait: bool = True) -> dict[str, Any]:
         email = (email or "").strip()

ariadne/services/wger.py

@@ -421,6 +421,30 @@ def _build_sync_input(user: dict[str, Any]) -> WgerSyncInput | UserSyncOutcome:
     )
 
 
+def _rotation_result(status: str, detail: str = "", rotated: bool | None = None) -> dict[str, Any]:
+    result = {"status": status}
+    if status == "ok":
+        result["rotated"] = bool(rotated)
+    elif detail:
+        result["detail"] = detail
+    return result
+
+
+def _rotation_check_input(username: str) -> tuple[WgerSyncInput | UserSyncOutcome | None, str]:
+    if not username:
+        return None, "missing username"
+    if not keycloak_admin.ready():
+        return None, "keycloak admin not configured"
+    user = keycloak_admin.find_user(username)
+    if not isinstance(user, dict):
+        return None, "user not found"
+    user_id = user.get("id") if isinstance(user.get("id"), str) else ""
+    if not user_id:
+        return None, "missing user id"
+    full = keycloak_admin.get_user(user_id)
+    return _build_sync_input(full), ""
+
+
 class WgerService:
     def __init__(self) -> None:
         self._executor = PodExecutor(
@@ -430,49 +454,20 @@ class WgerService:
         )
 
     def check_rotation_for_user(self, username: str) -> dict[str, Any]:
-        username = (username or "").strip()
+        cleaned = (username or "").strip()
-        status = "error"
+        prepared, error = _rotation_check_input(cleaned)
-        detail = ""
+        if error:
-        rotated = None
+            return _rotation_result("error", error)
-        if not username:
+        if isinstance(prepared, UserSyncOutcome):
-            detail = "missing username"
+            if prepared.status == "skipped":
-        elif not keycloak_admin.ready():
+                return _rotation_result("ok", rotated=False)
-            detail = "keycloak admin not configured"
+            return _rotation_result("error", prepared.detail or "")
-        else:
+        outcome = self._rotation_outcome(prepared)
-            user = keycloak_admin.find_user(username)
+        if outcome.status == "synced":
-            if not isinstance(user, dict):
+            return _rotation_result("ok", rotated=True)
-                detail = "user not found"
+        if outcome.status == "skipped":
-            else:
+            return _rotation_result("ok", rotated=False)
-                user_id = user.get("id") if isinstance(user.get("id"), str) else ""
+        return _rotation_result("error", outcome.detail or "rotation check failed")
-                if not user_id:
-                    detail = "missing user id"
-                else:
-                    full = keycloak_admin.get_user(user_id)
-                    prepared = _build_sync_input(full)
-                    if isinstance(prepared, UserSyncOutcome):
-                        if prepared.status == "skipped":
-                            status = "ok"
-                            rotated = False
-                        else:
-                            status = prepared.status
-                            detail = prepared.detail or ""
-                    else:
-                        outcome = self._rotation_outcome(prepared)
-                        if outcome.status == "synced":
-                            status = "ok"
-                            rotated = True
-                        elif outcome.status == "skipped":
-                            status = "ok"
-                            rotated = False
-                        else:
-                            detail = outcome.detail or "rotation check failed"
-
-        result = {"status": status}
-        if status == "ok":
-            result["rotated"] = bool(rotated)
-        elif detail:
-            result["detail"] = detail
-        return result
 
     def sync_user(self, username: str, email: str, password: str, wait: bool = True) -> dict[str, Any]:
         username = (username or "").strip()