This commit is contained in:
@@ -548,13 +548,15 @@ async def oauth_login_http(request: Request) -> JSONResponse | RedirectResponse:
|
||||
# URL для callback
|
||||
callback_uri = f"{FRONTEND_URL}oauth/{provider}/callback"
|
||||
|
||||
return await client.authorize_redirect(
|
||||
request,
|
||||
# 🔍 Создаем redirect URL вручную (обходим использование request.session в authlib)
|
||||
authorization_url = await client.create_authorization_url(
|
||||
callback_uri,
|
||||
code_challenge=code_challenge,
|
||||
code_challenge_method="S256",
|
||||
state=state,
|
||||
)
|
||||
|
||||
return RedirectResponse(url=authorization_url["url"], status_code=302)
|
||||
|
||||
except Exception as e:
|
||||
logger.error(f"OAuth login error: {e}")
|
||||
@@ -582,7 +584,21 @@ async def oauth_callback_http(request: Request) -> JSONResponse | RedirectRespon
|
||||
if not client:
|
||||
return JSONResponse({"error": "Provider not configured"}, status_code=400)
|
||||
|
||||
token = await client.authorize_access_token(request)
|
||||
# 🔍 Получаем code_verifier из Redis вместо request.session
|
||||
code_verifier = oauth_data.get("code_verifier")
|
||||
if not code_verifier:
|
||||
return JSONResponse({"error": "Missing code verifier in OAuth state"}, status_code=400)
|
||||
|
||||
# Получаем authorization code из query параметров
|
||||
code = request.query_params.get("code")
|
||||
if not code:
|
||||
return JSONResponse({"error": "Missing authorization code"}, status_code=400)
|
||||
|
||||
# Обмениваем code на токен вручную
|
||||
token = await client.fetch_access_token(
|
||||
authorization_response=str(request.url),
|
||||
code_verifier=code_verifier,
|
||||
)
|
||||
if not token:
|
||||
return JSONResponse({"error": "Failed to get access token"}, status_code=400)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user