Remove jwt validation for jschorr to fix later

Refactor oauth validate method to take config over entire appconfig

oauth/services/github.py

@@ -75,8 +75,7 @@ class GithubOAuthService(OAuthLoginService):
   def orgs_endpoint(self):
     return slash_join(self._api_endpoint(), 'user/orgs')
 
-  # TODO(sam): refactor the base method to not take app config
-  def validate_client_id_and_secret(self, http_client):
+  def validate_client_id_and_secret(self, http_client, url_scheme_and_hostname):
     # First: Verify that the github endpoint is actually Github by checking for the
     # X-GitHub-Request-Id here.
     api_endpoint = self._api_endpoint()

oauth/services/gitlab.py

@@ -29,8 +29,6 @@ class GitLabOAuthService(OAuthService):
   def token_endpoint(self):
     return OAuthEndpoint(slash_join(self._endpoint(), '/oauth/token'))
 
-  # TODO(sam): this signature does not match its parent class. refactor the base method to take the namedtuple URLSchemeAndHostname
-  # TODO cont: reason I did this was to decouple the app, but it requires more refactoring
   def validate_client_id_and_secret(self, http_client, url_scheme_and_hostname):
     # We validate the client ID and secret by hitting the OAuth token exchange endpoint with
     # the real client ID and secret, but a fake auth code to exchange. Gitlab's implementation will

oauth/services/google.py

@@ -41,8 +41,7 @@ class GoogleOAuthService(OAuthLoginService):
   def requires_form_encoding(self):
     return True
 
-  # TODO(sam): this signature does not match its parent class. refactor the base method to take the namedtuple URLSchemeAndHostname
-  def validate_client_id_and_secret(self, http_client):
+  def validate_client_id_and_secret(self, http_client, url_scheme_and_hostname):
     # To verify the Google client ID and secret, we hit the
     # https://www.googleapis.com/oauth2/v3/token endpoint with an invalid request. If the client
     # ID or secret are invalid, we get returned a 403 Unauthorized. Otherwise, we get returned