discours.io/core
5
0
Fork 0
Code Pull Requests Actions Projects Activity

oauth-raw-req-control
All checks were successful
Deploy on push / deploy (push) Successful in 2m55s
Details

Browse Source
This commit is contained in:
Untone
2025-09-28 20:45:08 +03:00
parent 9b727ac9ca
commit 44b69dc743
1 changed files with 26 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
auth/oauth.py
View File

@@ -687,8 +687,20 @@ async def oauth_callback_http(request: Request) -> JSONResponse | RedirectRespon
logger.info(f"🔧 Using OAuth without PKCE for {provider}") logger.info(f"🔧 Using OAuth without PKCE for {provider}")
logger.info(f"🔧 Callback URI: {callback_uri}") logger.info(f"🔧 Callback URI: {callback_uri}")
# Используем внутренний HTTP клиент для прямого запроса к token endpoint # Получаем token endpoint для провайдера
token_endpoints = {
"vk": "https://oauth.vk.com/access_token",
"yandex": "https://oauth.yandex.ru/token",
"telegram": "https://oauth.telegram.org/auth/token",
"facebook": "https://graph.facebook.com/v18.0/oauth/access_token",
}
token_endpoint = token_endpoints.get(provider)
if not token_endpoint:
logger.error(f"❌ Unknown token endpoint for provider: {provider}")
return JSONResponse({"error": f"Unknown provider: {provider}"}, status_code=400)
# Используем внутренний HTTP клиент для прямого запроса к token endpoint
token_data = { token_data = {
"grant_type": "authorization_code", "grant_type": "authorization_code",
"code": code, "code": code,
@@ -702,7 +714,7 @@ async def oauth_callback_http(request: Request) -> JSONResponse | RedirectRespon
async with httpx.AsyncClient() as http_client: async with httpx.AsyncClient() as http_client:
response = await http_client.post( response = await http_client.post(
client.token_endpoint, data=token_data, headers={"Accept": "application/json"} token_endpoint, data=token_data, headers={"Accept": "application/json"}
) )
if response.status_code != 200: if response.status_code != 200:
@@ -722,8 +734,18 @@ async def oauth_callback_http(request: Request) -> JSONResponse | RedirectRespon
logger.info(f"🔧 Code verifier length: {len(code_verifier) if code_verifier else 0}") logger.info(f"🔧 Code verifier length: {len(code_verifier) if code_verifier else 0}")
logger.info(f"🔧 Callback URI: {callback_uri}") logger.info(f"🔧 Callback URI: {callback_uri}")
# Используем внутренний HTTP клиент для прямого запроса к token endpoint # Получаем token endpoint для провайдера
token_endpoints = {
"google": "https://oauth2.googleapis.com/token",
"github": "https://github.com/login/oauth/access_token",
}
token_endpoint = token_endpoints.get(provider)
if not token_endpoint:
logger.error(f"❌ Unknown token endpoint for provider: {provider}")
return JSONResponse({"error": f"Unknown provider: {provider}"}, status_code=400)
# Используем внутренний HTTP клиент для прямого запроса к token endpoint
token_data = { token_data = {
"grant_type": "authorization_code", "grant_type": "authorization_code",
"code": code, "code": code,
@@ -734,7 +756,7 @@ async def oauth_callback_http(request: Request) -> JSONResponse | RedirectRespon
async with httpx.AsyncClient() as http_client: async with httpx.AsyncClient() as http_client:
response = await http_client.post( response = await http_client.post(
client.token_endpoint, data=token_data, headers={"Accept": "application/json"} token_endpoint, data=token_data, headers={"Accept": "application/json"}
) )
if response.status_code != 200: if response.status_code != 200: