Decouple oauth methods from app with a namedtuple

2018-05-25 13:49:36 -04:00 · 2018-05-25 13:49:36 -04:00 · e967fde3ae
commit e967fde3ae
parent d45b925155
7 changed files with 20 additions and 7 deletions
--- a/oauth/base.py
+++ b/oauth/base.py
@ -7,6 +7,7 @@ from abc import ABCMeta, abstractmethod
 from six import add_metaclass

 from util import get_app_url
+from util.config import URLSchemeAndHostname

 logger = logging.getLogger(__name__)

@ -111,9 +112,9 @@ class OAuthService(object):

    return self.authorize_endpoint().with_params(params).to_url()

-  def get_redirect_uri(self, app_config, redirect_suffix=''):
-    return '%s://%s/oauth2/%s/callback%s' % (app_config['PREFERRED_URL_SCHEME'],
-                                             app_config['SERVER_HOSTNAME'],
+  def get_redirect_uri(self, url_scheme_and_hostname, redirect_suffix=''):
+    return '%s://%s/oauth2/%s/callback%s' % (url_scheme_and_hostname.url_scheme,
+                                             url_scheme_and_hostname.hostname,
                                             self.service_id(),
                                             redirect_suffix)

@ -153,10 +154,11 @@ class OAuthService(object):
  def exchange_code(self, app_config, http_client, code, form_encode=False, redirect_suffix='',
                    client_auth=False):
    """ Exchanges an OAuth access code for associated OAuth token and other data. """
+    url_scheme_and_hostname = URLSchemeAndHostname(app_config['PREFERRED_URL_SCHEME'], app_config['SERVER_HOSTNAME'])
    payload = {
      'code': code,
      'grant_type': 'authorization_code',
-      'redirect_uri': self.get_redirect_uri(app_config, redirect_suffix)
+      'redirect_uri': self.get_redirect_uri(url_scheme_and_hostname, redirect_suffix)
    }

    headers = {
--- a/oauth/login.py
+++ b/oauth/login.py
@ -6,6 +6,7 @@ from six import add_metaclass
 import features

 from oauth.base import OAuthService, OAuthExchangeCodeException, OAuthGetUserInfoException
+from util.config import URLSchemeAndHostname

 logger = logging.getLogger(__name__)

@ -64,6 +65,7 @@ class OAuthLoginService(OAuthService):

    # Retrieve the token for the OAuth code.
    try:
+      # url_scheme_and_hostname = URLSchemeAndHostname(app_config['PREFERRED_URL_SCHEME'], app_config['SERVER_HOSTNAME'])
      token = self.exchange_code_for_token(app_config, http_client, code,
                                           redirect_suffix=redirect_suffix,
                                           form_encode=self.requires_form_encoding())
--- a/oauth/services/gitlab.py
+++ b/oauth/services/gitlab.py
@ -29,13 +29,13 @@ class GitLabOAuthService(OAuthService):
  def token_endpoint(self):
    return OAuthEndpoint(slash_join(self._endpoint(), '/oauth/token'))

-  def validate_client_id_and_secret(self, http_client, app_config):
+  def validate_client_id_and_secret(self, http_client, url_scheme_and_hostname):
    # We validate the client ID and secret by hitting the OAuth token exchange endpoint with
    # the real client ID and secret, but a fake auth code to exchange. Gitlab's implementation will
    # return `invalid_client` as the `error` if the client ID or secret is invalid; otherwise, it
    # will return another error.
    url = self.token_endpoint().to_url()
-    redirect_uri = self.get_redirect_uri(app_config, redirect_suffix='trigger')
+    redirect_uri = self.get_redirect_uri(url_scheme_and_hostname, redirect_suffix='trigger')
    data = {
      'code': 'fakecode',
      'client_id': self.client_id(),