chore: Refactor RefreshOauthTokenService to improve readability (#8820)

- Added a trait called microsoft_email for the Channel::Email factory.
- Rewrote the logic to make it simple to understand
- Rewrote the specs for readability

app/services/microsoft/refresh_oauth_token_service.rb

@@ -1,48 +1,39 @@
-# refer: https://gitlab.com/gitlab-org/ruby/gems/gitlab-mail_room/-/blob/master/lib/mail_room/microsoft_graph/connection.rb
-# refer: https://github.com/microsoftgraph/msgraph-sample-rubyrailsapp/tree/b4a6869fe4a438cde42b161196484a929f1bee46
-# https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes
+# Refer: https://learn.microsoft.com/en-us/entra/identity-platform/configurable-token-lifetimes
 class Microsoft::RefreshOauthTokenService
   pattr_initialize [:channel!]
 
-  # if the token is not expired yet then skip the refresh token step
+  # Additional references: https://gitlab.com/gitlab-org/ruby/gems/gitlab-mail_room/-/blob/master/lib/mail_room/microsoft_graph/connection.rb
   def access_token
-    provider_config = channel.provider_config.with_indifferent_access
-    if Time.current.utc >= expires_on(provider_config['expires_on'])
-      # Token expired, refresh
-      new_hash = refresh_tokens
-      new_hash[:access_token]
-    else
-      provider_config[:access_token]
-    end
+    return provider_config[:access_token] unless access_token_expired?
+
+    refreshed_tokens = refresh_tokens
+    refreshed_tokens[:access_token]
   end
 
-  def expires_on(expiry)
-    # we will give it a 5 minute gap for safety
-    expiry.presence ? DateTime.parse(expiry) - 5.minutes : Time.current.utc
+  def access_token_expired?
+    expiry = provider_config[:expires_on]
+
+    return true if expiry.blank?
+
+    # Adding a 5 minute window to expiry check to avoid any race
+    # conditions during the fetch operation. This would assure that the
+    # tokens are updated when we fetch the emails.
+    Time.current.utc >= DateTime.parse(expiry) - 5.minutes
   end
 
-  # <RefreshTokensSnippet>
+  # Refresh the access tokens using the refresh token
+  # Refer: https://github.com/microsoftgraph/msgraph-sample-rubyrailsapp/tree/b4a6869fe4a438cde42b161196484a929f1bee46
   def refresh_tokens
-    token_hash = channel.provider_config.with_indifferent_access
-    oauth_strategy = ::MicrosoftGraphAuth.new(
-      nil, ENV.fetch('AZURE_APP_ID', nil), ENV.fetch('AZURE_APP_SECRET', nil)
-    )
+    oauth_strategy = build_oauth_strategy
+    token_service = build_token_service(oauth_strategy)
 
-    token_service = OAuth2::AccessToken.new(
-      oauth_strategy.client, token_hash['access_token'],
-      refresh_token: token_hash['refresh_token']
-    )
-
-    # Refresh the tokens
     new_tokens = token_service.refresh!.to_hash.slice(:access_token, :refresh_token, :expires_at)
 
     update_channel_provider_config(new_tokens)
-    channel.provider_config
+    channel.reload.provider_config
   end
-  # </RefreshTokensSnippet>
 
   def update_channel_provider_config(new_tokens)
-    new_tokens = new_tokens.with_indifferent_access
     channel.provider_config = {
       access_token: new_tokens[:access_token],
       refresh_token: new_tokens[:refresh_token],
@@ -50,4 +41,24 @@ class Microsoft::RefreshOauthTokenService
     }
     channel.save!
   end
+
+  private
+
+  def provider_config
+    @provider_config ||= channel.provider_config.with_indifferent_access
+  end
+
+  # Builds the OAuth strategy for Microsoft Graph
+  def build_oauth_strategy
+    ::MicrosoftGraphAuth.new(nil, ENV.fetch('AZURE_APP_ID'), ENV.fetch('AZURE_APP_SECRET'))
+  end
+
+  # Builds the token service using OAuth2
+  def build_token_service(oauth_strategy)
+    OAuth2::AccessToken.new(
+      oauth_strategy.client,
+      provider_config[:access_token],
+      refresh_token: provider_config[:refresh_token]
+    )
+  end
 end