From b38c38b000bf0294014d0a006316d6c1cad94a7e Mon Sep 17 00:00:00 2001 From: Chalmer Lowe Date: Tue, 30 Aug 2022 19:58:38 +0000 Subject: [PATCH 1/2] adds random port and url parsing as part oauth refactor --- google_auth_oauthlib/flow.py | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/google_auth_oauthlib/flow.py b/google_auth_oauthlib/flow.py index 72cb13f..ecd4fcf 100644 --- a/google_auth_oauthlib/flow.py +++ b/google_auth_oauthlib/flow.py @@ -52,6 +52,8 @@ import hashlib import json import logging +import random +from urllib.parse import urlparse, parse_qs import warnings try: @@ -76,6 +78,13 @@ "oob", ] +def parse_code(uri): + parsed_url = urlparse(uri) + query_args = parse_qs(parsed_url.query) + code = query_args['code'][0] + return code + + class Flow(object): """OAuth 2.0 Authorization Flow @@ -370,14 +379,16 @@ class InstalledAppFlow(Flow): https://github.com/googleapis/google-api-python-client/blob/main/docs/oauth-installed.md """ - _OOB_REDIRECT_URI = "urn:ietf:wg:oauth:2.0:oob" + # _OOB_REDIRECT_URI = "urn:ietf:wg:oauth:2.0:oob" + _PORT_NUMBER = random.randint(9000, 65000) + _OOB_REDIRECT_URI = f"http://localhost:{_PORT_NUMBER}" _DEFAULT_AUTH_PROMPT_MESSAGE = ( - "Please visit this URL to authorize this application: {url}" + "Please visit this URL to authorize this application: \n\n{url}\n" ) """str: The message to display when prompting the user for authorization.""" - _DEFAULT_AUTH_CODE_MESSAGE = "Enter the authorization code: " + _DEFAULT_AUTH_CODE_MESSAGE = "Upon authorizing, your browser will attempt to load a local host site but will be unsuccessful and will indicate 'This site can't be reached'. In your browser's address bar, copy that URL and enter it below:\n" """str: The message to display when prompting the user for the authorization code. Used only by the console strategy.""" @@ -387,7 +398,7 @@ class InstalledAppFlow(Flow): def run_console( self, - authorization_prompt_message=_DEFAULT_AUTH_PROMPT_MESSAGE, + authorization_prompt_message="RC" + _DEFAULT_AUTH_PROMPT_MESSAGE, authorization_code_message=_DEFAULT_AUTH_CODE_MESSAGE, **kwargs ): @@ -435,7 +446,7 @@ def run_console( print(authorization_prompt_message.format(url=auth_url)) code = input(authorization_code_message) - + code = parse_code(code) self.fetch_token(code=code) return self.credentials @@ -445,7 +456,7 @@ def run_local_server( host="localhost", bind_addr=None, port=8080, - authorization_prompt_message=_DEFAULT_AUTH_PROMPT_MESSAGE, + authorization_prompt_message="RL" + _DEFAULT_AUTH_PROMPT_MESSAGE, success_message=_DEFAULT_WEB_SUCCESS_MESSAGE, open_browser=True, redirect_uri_trailing_slash=True, From 95c8eded867a6ba0eb0a4d17bc043ade11badf4b Mon Sep 17 00:00:00 2001 From: Chalmer Lowe Date: Tue, 30 Aug 2022 20:34:21 +0000 Subject: [PATCH 2/2] blackened --- google_auth_oauthlib/flow.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/google_auth_oauthlib/flow.py b/google_auth_oauthlib/flow.py index ecd4fcf..2f7e4c4 100644 --- a/google_auth_oauthlib/flow.py +++ b/google_auth_oauthlib/flow.py @@ -78,14 +78,14 @@ "oob", ] + def parse_code(uri): parsed_url = urlparse(uri) query_args = parse_qs(parsed_url.query) - code = query_args['code'][0] + code = query_args["code"][0] return code - class Flow(object): """OAuth 2.0 Authorization Flow @@ -400,7 +400,7 @@ def run_console( self, authorization_prompt_message="RC" + _DEFAULT_AUTH_PROMPT_MESSAGE, authorization_code_message=_DEFAULT_AUTH_CODE_MESSAGE, - **kwargs + **kwargs, ): """Run the flow using the console strategy. @@ -460,7 +460,7 @@ def run_local_server( success_message=_DEFAULT_WEB_SUCCESS_MESSAGE, open_browser=True, redirect_uri_trailing_slash=True, - **kwargs + **kwargs, ): """Run the flow using the server strategy.