refactor(cli): use stdlib, parallelize API calls, and remove dead exports

- Replace custom containsSubstring/findSubstring with strings.Contains
- Run verifyToken and fetchUserInfo concurrently via sync.WaitGroup
- Remove unused exported ParseError and GetErrorRecommendations wrappers

Author: appleboy

config_test.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"strings"
 	"testing"
 
 	"github.com/go-authgate/sdk-go/credstore"
@@ -52,7 +53,7 @@ func TestNewTokenStore(t *testing.T) {
 				if err == nil {
 					t.Fatal("expected error, got nil")
 				}
-				if !containsSubstring(err.Error(), tc.errSubstr) {
+				if !strings.Contains(err.Error(), tc.errSubstr) {
 					t.Errorf("error %q should contain %q", err.Error(), tc.errSubstr)
 				}
 				return

main.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"os"
 	"os/signal"
+	"sync"
 	"syscall"
 	"time"
 
@@ -116,18 +117,33 @@ func run(ctx context.Context, ui tui.Manager, cfg *AppConfig) int {
 	// Display token info.
 	ui.ShowTokenInfo(toTUITokenStorage(storage, flow, cfg.Store.String()))
 
-	// Verify token against server.
-	info, err := verifyToken(ctx, cfg, storage.AccessToken)
-	if err != nil {
-		ui.ShowVerification(false, err.Error())
+	// Verify token and fetch UserInfo in parallel (independent API calls).
+	var (
+		verifyInfo string
+		verifyErr  error
+		userInfo   *UserInfo
+		userErr    error
+		wg         sync.WaitGroup
+	)
+	wg.Add(2)
+	go func() {
+		defer wg.Done()
+		verifyInfo, verifyErr = verifyToken(ctx, cfg, storage.AccessToken)
+	}()
+	go func() {
+		defer wg.Done()
+		userInfo, userErr = fetchUserInfo(ctx, cfg, storage.AccessToken)
+	}()
+	wg.Wait()
+
+	if verifyErr != nil {
+		ui.ShowVerification(false, verifyErr.Error())
 	} else {
-		ui.ShowVerification(true, info)
+		ui.ShowVerification(true, verifyInfo)
 	}
 
-	// Fetch OIDC UserInfo profile claims (OIDC Core §5.3).
-	userInfo, err := fetchUserInfo(ctx, cfg, storage.AccessToken)
-	if err != nil {
-		ui.ShowUserInfo(false, err.Error())
+	if userErr != nil {
+		ui.ShowUserInfo(false, userErr.Error())
 	} else {
 		ui.ShowUserInfo(true, formatUserInfo(userInfo))
 	}

main_test.go

@@ -7,6 +7,7 @@ import (
 	"net/http"
 	"net/http/httptest"
 	"path/filepath"
+	"strings"
 	"sync"
 	"sync/atomic"
 	"testing"
@@ -242,7 +243,7 @@ func TestBuildAuthURL_ContainsRequiredParams(t *testing.T) {
 		"code_challenge=test-challenge",
 		"code_challenge_method=S256",
 	} {
-		if !containsSubstring(u, want) {
+		if !strings.Contains(u, want) {
 			t.Errorf("auth URL missing %q\nURL: %s", want, u)
 		}
 	}
@@ -362,16 +363,3 @@ func TestRequestDeviceCode_WithRetry(t *testing.T) {
 // -----------------------------------------------------------------------
 // Helpers
 // -----------------------------------------------------------------------
-
-func containsSubstring(s, sub string) bool {
-	return len(s) >= len(sub) && findSubstring(s, sub)
-}
-
-func findSubstring(s, sub string) bool {
-	for i := 0; i <= len(s)-len(sub); i++ {
-		if s[i:i+len(sub)] == sub {
-			return true
-		}
-	}
-	return false
-}

tui/error_parser.go

@@ -33,13 +33,7 @@ var oauthErrorCodes = []string{
 	"unsupported_grant_type",
 }
 
-// ParseError parses an error message and extracts OAuth error information.
-// This is exported for testing purposes.
-func ParseError(err error) *ParsedError {
-	return parseError(err)
-}
-
-// parseError is the internal implementation
+// parseError parses an error message and extracts OAuth error information.
 func parseError(err error) *ParsedError {
 	if err == nil {
 		return nil
@@ -167,13 +161,7 @@ func extractCleanMessage(errMsg string) string {
 	return cleaned
 }
 
-// GetErrorRecommendations returns context-specific recommendations based on the parsed error.
-// This is exported for testing purposes.
-func GetErrorRecommendations(parsed *ParsedError) []string {
-	return getErrorRecommendations(parsed)
-}
-
-// getErrorRecommendations is the internal implementation
+// getErrorRecommendations returns context-specific recommendations based on the parsed error.
 func getErrorRecommendations(parsed *ParsedError) []string {
 	if parsed == nil {
 		return nil