refactor: auth service

[0xEbrahim]

Pull Request Template

Adresses: #2434
Description:
This PR refactors the pkg/gofr/service/auth.go file to eliminate duplicated logic across HTTP method implementations (Get, Post, Patch, Put, and Delete).
A new helper function doAuthWithHeaders was introduced to centralize the authentication and header injection process, significantly improving code maintainability and readability.

Key improvements:

Consolidated repetitive code that handled authentication and HTTP header merging into a single utility method doAuthWithHeaders.

Reduced boilerplate across all HTTP methods by reusing the same authentication logic.

Ensured consistent behavior for all request types (GET, POST, PATCH, PUT, DELETE).

Improved testability by isolating authentication header injection logic.

Enhanced readability and maintainability for future extension (e.g., adding HEAD, OPTIONS, or custom verbs).

Breaking Changes (if applicable):
None — this is a purely internal refactor; all public method signatures remain unchanged.
Checklist:

• I have formatted my code using goimport and golangci-lint.
• All new code is covered by unit tests.
• This PR does not decrease the overall code coverage.
• I have reviewed the code comments and documentation for clarity.

[Umang01-hash]

@0xEbrahim Thanks for making your contribution to GoFr. After running the workflow we got to know your PR has some linter errors, can you please resolve them so that we can reveiw the PR.

[0xEbrahim]

Yeah i will fix it >

@0xEbrahim Thanks for making your contribution to GoFr. After running the workflow we got to know your PR has some linter errors, can you please resolve them so that we can reveiw the PR.

[Umang01-hash]

@0xEbrahim I reviewed the refactoring and foudnd that this refactoring adds unnecessary complexity through the WithHeaderType function type and doAuthWithHeaders abstraction. The original implementation was more readable with its straightforward approach.

Go favors clarity over cleverness - the anonymous functions in methods like GetWithHeaders and DeleteWithHeaders create additional cognitive load without solving a significant problem.

[Umang01-hash]

@0xEbrahim I was majorly referring to file pkg/gofr/service/new_test.go file that has the following concerns:

• Excessive code duplication across HTTP method tests
• Repetitive test server setup and teardown
• Limited testing of the core createAndSendRequest method
• Repeated response handling patterns
• Similar assertion logic duplicated throughout

I feel that auth.go is already simplified, we need to focus on other files like the one above and refactor them.

[0xEbrahim]

@0xEbrahim I was majorly referring to file pkg/gofr/service/new_test.go file that has the following concerns:

• Excessive code duplication across HTTP method tests
• Repetitive test server setup and teardown
• Limited testing of the core createAndSendRequest method
• Repeated response handling patterns
• Similar assertion logic duplicated throughout

I feel that auth.go is already simplified, we need to focus on other files like the one above and refactor them.

Such a great feedback, i will start working on new_test.go, thanks for your concern..
I just saw some repeated code on auth.go so i gave it a trry, the lines that handle error & headers, but the function a..HTTP.(method)WithHeaders added more complexity yeah..
thanks

[sierikov]

Hi, I am not a code owner. But I think it is better to leave initial

headers, err := a.auth(ctx, headers)
if err != nil { 
	return nil, err
}
return a.HTTP.DeleteWithHeaders(ctx, path, body, headers)

for better readability. What do you think?

[0xEbrahim]

Yeah, You are totally right, I over-refactored it

[Umang01-hash]

@0xEbrahim As discussed earlier, closing this PR as of now as auth.go is already simplified.