From ead404fc72312ad21101cfa0e2c919e1b905c0d1 Mon Sep 17 00:00:00 2001
From: knst-kotov
Date: Tue, 13 Jul 2021 09:15:15 +0000
Subject: [PATCH] oauth code minor changes
---
 auth/oauth.py | 35 ++++++++++++++++++++++++++---------
 main.py | 2 +-
 resolvers/auth.py | 30 +++++++++++++++---------------
 3 files changed, 42 insertions(+), 25 deletions(-)
diff --git a/auth/oauth.py b/auth/oauth.py
index 5f6c30c0..8fc6ade7 100644
--- a/auth/oauth.py
+++ b/auth/oauth.py
@@ -4,12 +4,14 @@ from starlette.responses import PlainTextResponse
 from auth.authorize import Authorize
 from auth.identity import Identity
+from sensitive_settings import CLIENT_ID, CLIENT_SECRET
+
 oauth = OAuth()
 oauth.register(
 name='facebook',
- client_id='222122999761250',
- client_secret='',
+ client_id=CLIENT_ID["FACEBOOK"],
+ client_secret=CLIENT_SECRET["FACEBOOK"],
 access_token_url='https://graph.facebook.com/v11.0/oauth/access_token',
 access_token_params=None,
 authorize_url='https://www.facebook.com/v11.0/dialog/oauth',
@@ -20,8 +22,8 @@ oauth.register(
 oauth.register(
 name='github',
- client_id='58877ba7ad9baef280b4',
- client_secret='',
+ client_id=CLIENT_ID["GITHUB"],
+ client_secret=CLIENT_SECRET["GITHUB"],
 access_token_url='https://github.com/login/oauth/access_token',
 access_token_params=None,
 authorize_url='https://github.com/login/oauth/authorize',
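Review bot: The new `from sensitive_settings import CLIENT_ID, CLIENT_SECRET` near the top of auth/oauth.py depends on a module that this commit does not add (the diffstat lists only auth/oauth.py, main.py and resolvers/auth.py), so the expected shape of that file is recorded nowhere in the change. If the file is deliberately untracked, a comment above the import would help, for example `# sensitive_settings.py is kept out of version control; it must define CLIENT_ID and CLIENT_SECRET as dicts with FACEBOOK, GITHUB and GOOGLE keys`. The same lookups appear in the github registration in the next hunk and in the google registration further down: a missing key fails with a bare KeyError at import time, while an empty string (the value `client_secret` had before this change) is accepted silently and would presumably only surface later as a failed token exchange. A start-up check such as `if not all(CLIENT_SECRET.get(k) for k in ("FACEBOOK", "GITHUB", "GOOGLE")): raise RuntimeError("missing OAuth client secret")` would fail earlier and more clearly.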
@@ -30,15 +32,30 @@ oauth.register(
 client_kwargs={'scope': 'user:email'},
 )
+oauth.register(
+ name='google',
+ client_id=CLIENT_ID["GOOGLE"],
+ client_secret=CLIENT_SECRET["GOOGLE"],
+ access_token_url='https://oauth2.googleapis.com/token',
+ access_token_params=None,
+ authorize_url='https://accounts.google.com/o/oauth2/v2/auth',
+ authorize_params=None,
+ api_base_url='https://oauth2.googleapis.com/',
+ client_kwargs={'scope': 'openid email profile'}
+)
+
 async def oauth_login(request):
- github = oauth.create_client('github')
+ provider = request.path_params['provider']
+ request.session['provider'] = provider
+ client = oauth.create_client(provider)
 redirect_uri = request.url_for('oauth_authorize')
- return await github.authorize_redirect(request, redirect_uri)
+ return await client.authorize_redirect(request, redirect_uri)
 async def oauth_authorize(request):
- github = oauth.create_client('github')
- token = await github.authorize_access_token(request)
- resp = await github.get('user', token=token)
+ provider = request.session['provider']
+ client = oauth.create_client(provider)
+ token = await client.authorize_access_token(request)
+ resp = await client.get('user', token=token)
 profile = resp.json()
 oauth_id = profile["id"]
 user_input = {
diff --git a/main.py b/main.py
index 0050b16a..7003bf18 100644
--- a/main.py
+++ b/main.py
@@ -29,7 +29,7 @@ async def shutdown():
 await redis.disconnect()
 routes = [
- Route("/oauth", endpoint=oauth_login),
+ Route("/oauth/{provider}", endpoint=oauth_login),
 Route("/authorize", endpoint=oauth_authorize)
 ]
diff --git a/resolvers/auth.py b/resolvers/auth.py
index 1b1b38b8..cfc7f1a1 100644
--- a/resolvers/auth.py
+++ b/resolvers/auth.py
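Review bot: `oauth_login` takes `provider` straight from the URL path and stores it in the session before anything checks that it names a registered client, and `oauth_authorize` reads `request.session['provider']` with no fallback. If `oauth` is Authlib's Starlette registry, as the `register`/`authorize_redirect` calls suggest, `create_client` returns `None` for an unregistered name, so an unknown provider ends in an AttributeError and a direct request to `/authorize` ends in a KeyError; both should be rejected explicitly, as in the sketch below. The callback is also still GitHub-shaped: `client.get('user', ...)` resolved against the google `api_base_url` registered above does not look like a userinfo endpoint, and an OpenID Connect profile identifies the user by `sub` rather than `id`, so the profile path and id field probably need to be chosen per provider. With ids now coming from three issuers, the stored identity should be the pair of provider and id so that equal ids from different providers cannot resolve to the same account; `oauth_authorize` continues past the end of the hunk, so whether `user_input` already records the provider is not visible here.

```python
async def oauth_login(request):
    provider = request.path_params['provider']
    client = oauth.create_client(provider)
    if client is None:
        # unknown name in the URL: refuse before writing to the session
        return PlainTextResponse('unknown provider', status_code=404)
    request.session['provider'] = provider
    # … unchanged: redirect_uri and authorize_redirect …

async def oauth_authorize(request):
    provider = request.session.get('provider')
    client = oauth.create_client(provider) if provider else None
    if client is None:
        return PlainTextResponse('no login in progress', status_code=400)
    # … unchanged: token exchange and profile fetch …
```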
@@ -13,34 +13,34 @@ from settings import JWT_AUTH_HEADER
 @mutation.field("registerUser")
 async def register(*_, input: dict = None) -> User:
- create_user = CreateUser(**input)
- create_user.password = Password.encode(create_user.password)
- return User.create(**create_user.dict())
+ create_user = CreateUser(**input)
+ create_user.password = Password.encode(create_user.password)
+ return User.create(**create_user.dict())
 @query.field("signIn")
 async def sign_in(_, info: GraphQLResolveInfo, id: int, password: str):
- try:
- device = info.context["request"].headers['device']
- except KeyError:
- device = "pc"
- auto_delete = False if device == "mobile" else True
- user = Identity.identity(user_id=id, password=password)
- token = await Authorize.authorize(user, device=device, auto_delete=auto_delete)
- return {"status" : True, "token" : token}
+ try:
+ device = info.context["request"].headers['device']
+ except KeyError:
+ device = "pc"
+ auto_delete = False if device == "mobile" else True
+ user = Identity.identity(user_id=id, password=password)
+ token = await Authorize.authorize(user, device=device, auto_delete=auto_delete)
+ return {"status" : True, "token" : token}
 @query.field("signOut")
 @login_required
 async def sign_out(_, info: GraphQLResolveInfo):
- token = info.context["request"].headers[JWT_AUTH_HEADER]
- status = await Authorize.revoke(token)
- return {"status" : status}
+ token = info.context["request"].headers[JWT_AUTH_HEADER]
+ status = await Authorize.revoke(token)
+ return {"status" : status}
 #@query.field("getUser")
 #@login_required
 async def get_user(*_, id: int):
- return global_session.query(User).filter(User.id == id).first()
+ return global_session.query(User).filter(User.id == id).first()