From 71b47bfe5940e555e5a1eb6f09a6a112eb1b1437 Mon Sep 17 00:00:00 2001 From: Untone Date: Tue, 23 Sep 2025 18:31:56 +0300 Subject: [PATCH] =?UTF-8?q?-=20=F0=9F=94=A7=20**OAuth=20Provider=20Registr?= =?UTF-8?q?ation**:=20=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=BB=D0=B5?= =?UTF-8?q?=D0=BD=D0=B0=20=D0=BB=D0=BE=D0=B3=D0=B8=D0=BA=D0=B0=20=D1=80?= =?UTF-8?q?=D0=B5=D0=B3=D0=B8=D1=81=D1=82=D1=80=D0=B0=D1=86=D0=B8=D0=B8=20?= =?UTF-8?q?OAuth=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B0=D0=B9=D0=B4=D0=B5=D1=80?= =?UTF-8?q?=D0=BE=D0=B2=20-=20=D1=82=D0=B5=D0=BF=D0=B5=D1=80=D1=8C=20?= =?UTF-8?q?=D0=BA=D0=BE=D1=80=D1=80=D0=B5=D0=BA=D1=82=D0=BD=D0=BE=20=D0=BF?= =?UTF-8?q?=D1=80=D0=BE=D0=B2=D0=B5=D1=80=D1=8F=D1=8E=D1=82=D1=81=D1=8F=20?= =?UTF-8?q?=D0=BD=D0=B5=D0=BF=D1=83=D1=81=D1=82=D1=8B=D0=B5=20client=5Fid?= =?UTF-8?q?=20=D0=B8=20client=5Fsecret=20-=20=F0=9F=94=8D=20**OAuth=20Debu?= =?UTF-8?q?gging**:=20=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5=D0=BD?= =?UTF-8?q?=D0=BE=20=D0=BE=D1=82=D0=BB=D0=B0=D0=B4=D0=BE=D1=87=D0=BD=D0=BE?= =?UTF-8?q?=D0=B5=20=D0=BB=D0=BE=D0=B3=D0=B8=D1=80=D0=BE=D0=B2=D0=B0=D0=BD?= =?UTF-8?q?=D0=B8=D0=B5=20=D0=B4=D0=BB=D1=8F=20=D0=B4=D0=B8=D0=B0=D0=B3?= =?UTF-8?q?=D0=BD=D0=BE=D1=81=D1=82=D0=B8=D0=BA=D0=B8=20=D0=BF=D1=80=D0=BE?= =?UTF-8?q?=D0=B1=D0=BB=D0=B5=D0=BC=20=D1=81=20OAuth=20=D0=BF=D1=80=D0=BE?= =?UTF-8?q?=D0=B2=D0=B0=D0=B9=D0=B4=D0=B5=D1=80=D0=B0=D0=BC=D0=B8=20-=20?= =?UTF-8?q?=F0=9F=9A=AB=20**OAuth=20Error**:=20=D0=98=D1=81=D0=BF=D1=80?= =?UTF-8?q?=D0=B0=D0=B2=D0=BB=D0=B5=D0=BD=D0=B0=20=D0=BE=D1=88=D0=B8=D0=B1?= =?UTF-8?q?=D0=BA=D0=B0=20"Provider=20not=20configured"=20=D0=BF=D1=80?= =?UTF-8?q?=D0=B8=20=D0=BF=D1=83=D1=81=D1=82=D1=8B=D1=85=20=D0=BF=D0=B5?= =?UTF-8?q?=D1=80=D0=B5=D0=BC=D0=B5=D0=BD=D0=BD=D1=8B=D1=85=20=D0=BE=D0=BA?= =?UTF-8?q?=D1=80=D1=83=D0=B6=D0=B5=D0=BD=D0=B8=D1=8F=20OAuth?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CHANGELOG.md | 3 +++ auth/oauth.py | 34 ++++++++++++++++++++++++++++++++-- 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f336edae..3861b26b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,9 @@ ## [0.9.22] - 2025-09-22 ### Fixed +- 🔧 **OAuth Provider Registration**: Исправлена логика регистрации OAuth провайдеров - теперь корректно проверяются непустые client_id и client_secret +- 🔍 **OAuth Debugging**: Добавлено отладочное логирование для диагностики проблем с OAuth провайдерами +- 🚫 **OAuth Error**: Исправлена ошибка "Provider not configured" при пустых переменных окружения OAuth - 🔒 **OAuth Facebook**: Обновлена версия API с v13.0 до v18.0 (актуальная) - 🔒 **OAuth Facebook**: Добавлены обязательные scope и параметры безопасности - 🔒 **OAuth Facebook**: Улучшена обработка ошибок API и валидация ответов diff --git a/auth/oauth.py b/auth/oauth.py index d16b8cd9..e8788048 100644 --- a/auth/oauth.py +++ b/auth/oauth.py @@ -147,6 +147,11 @@ def _register_oauth_provider(provider: str, client_config: dict) -> None: logger.warning(f"Unknown OAuth provider: {provider}") return + # 🔍 Отладочная информация + logger.info( + f"Registering OAuth provider {provider} with client_id: {client_config['id'][:8] if client_config['id'] else 'EMPTY'}..." + ) + # Базовые параметры для всех провайдеров register_params: dict[str, Any] = { "name": provider, @@ -171,15 +176,38 @@ def _register_oauth_provider(provider: str, client_config: dict) -> None: oauth.register(**register_params) logger.info(f"OAuth provider {provider} registered successfully") + + # 🔍 Проверяем что клиент действительно создался + test_client = oauth.create_client(provider) + if test_client: + logger.info(f"OAuth client {provider} created successfully") + else: + logger.error(f"OAuth client {provider} failed to create after registration") except Exception as e: logger.error(f"Failed to register OAuth provider {provider}: {e}") +# 🔍 Диагностика OAuth конфигурации +logger.info(f"Available OAuth providers in config: {list(PROVIDER_CONFIGS.keys())}") +logger.info(f"Available OAuth clients: {list(OAUTH_CLIENTS.keys())}") + for provider in PROVIDER_CONFIGS: - if provider in OAUTH_CLIENTS and OAUTH_CLIENTS[provider.upper()]: + if provider.upper() in OAUTH_CLIENTS: client_config = OAUTH_CLIENTS[provider.upper()] - if "id" in client_config and "key" in client_config: + # 🔍 Проверяем что id и key не пустые + client_id = client_config.get("id", "").strip() + client_key = client_config.get("key", "").strip() + + logger.info( + f"OAuth provider {provider}: id={'SET' if client_id else 'EMPTY'}, key={'SET' if client_key else 'EMPTY'}" + ) + + if client_id and client_key: _register_oauth_provider(provider, client_config) + else: + logger.warning(f"OAuth provider {provider} skipped: id={bool(client_id)}, key={bool(client_key)}") + else: + logger.warning(f"OAuth provider {provider} not found in OAUTH_CLIENTS") # Провайдеры со специальной обработкой данных @@ -356,6 +384,7 @@ async def oauth_login(_: None, _info: GraphQLResolveInfo, provider: str, callbac client = oauth.create_client(provider) if not client: + logger.error(f"OAuth client for {provider} not found. Available clients: {list(oauth._clients.keys())}") return JSONResponse({"error": "Provider not configured"}, status_code=400) # Получаем параметры из query string @@ -499,6 +528,7 @@ async def oauth_login_http(request: Request) -> JSONResponse | RedirectResponse: client = oauth.create_client(provider) if not client: + logger.error(f"OAuth client for {provider} not found. Available clients: {list(oauth._clients.keys())}") return JSONResponse({"error": "Provider not configured"}, status_code=400) # Генерируем PKCE challenge