From 24514ad99cc3845a997feec9d22934aa13fbd535 Mon Sep 17 00:00:00 2001
From: Cyril David <cyril.david@auth0.com>
Date: Mon, 25 Jan 2021 15:47:52 -0800
Subject: [PATCH] Use url.URL when it makes sense

---
 internal/auth/exchange.go  | 3 ++-
 internal/auth/user_info.go | 5 +++--
 internal/cli/try_login.go  | 9 ++++++++-
 3 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/internal/auth/exchange.go b/internal/auth/exchange.go
index 55be112bb..1643a48cd 100644
--- a/internal/auth/exchange.go
+++ b/internal/auth/exchange.go
@@ -27,7 +27,8 @@ func ExchangeCodeForToken(baseDomain, clientID, clientSecret, code, cbURL string
 		"redirect_uri":  {cbURL},
 	}
 
-	r, err := http.PostForm(fmt.Sprintf("https://%s/oauth/token", baseDomain), data)
+	u := url.URL{Scheme: "https", Host: baseDomain, Path: "/oauth/token"}
+	r, err := http.PostForm(u.String(), data)
 	if err != nil {
 		return nil, fmt.Errorf("unable to exchange code for token: %w", err)
 	}
diff --git a/internal/auth/user_info.go b/internal/auth/user_info.go
index 13746771e..b411fd6cf 100644
--- a/internal/auth/user_info.go
+++ b/internal/auth/user_info.go
@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"net/url"
 	"time"
 )
 
@@ -32,9 +33,9 @@ type UserInfo struct {
 
 // FetchUserInfo fetches and parses user information with the provided access token.
 func FetchUserInfo(baseDomain, token string) (*UserInfo, error) {
-	userInfoEndpoint := fmt.Sprintf("https://%s/userinfo", baseDomain)
+	endpoint := url.URL{Scheme: "https", Host: baseDomain, Path: "/userinfo"}
 
-	req, err := http.NewRequest("GET", userInfoEndpoint, nil)
+	req, err := http.NewRequest("GET", endpoint.String(), nil)
 	if err != nil {
 		return nil, fmt.Errorf("unable to exchange code for token: %w", err)
 	}
diff --git a/internal/cli/try_login.go b/internal/cli/try_login.go
index f4aea5dc0..3cd3b5dcb 100644
--- a/internal/cli/try_login.go
+++ b/internal/cli/try_login.go
@@ -155,7 +155,14 @@ func buildInitiateLoginURL(domain, clientID string) (string, error) {
 	q.Add("scope", cliLoginTestingScopes)
 	q.Add("redirect_uri", cliLoginTestingCallbackURL)
 
-	return fmt.Sprintf("https://%s%s?%s", domain, path, q.Encode()), nil
+	u := &url.URL{
+		Scheme:   "https",
+		Host:     domain,
+		Path:     path,
+		RawQuery: q.Encode(),
+	}
+
+	return u.String(), nil
 }
 
 // waitForBrowserCallback lauches a new HTTP server listening on