harmacist/healthchecks
1
0
Fork 0
forked from GithubBackups/healthchecks
Code Issues Pull Requests Projects Releases Wiki Activity

Cleaner OAuth redirect_uri generation

Browse Source
This commit is contained in:
Pēteris Caune 2020-09-01 12:07:13 +03:00
parent d1b1a6c02e
commit 9ba9032389
No known key found for this signature in database
GPG Key ID: E28D7679E9A9EDE2
2 changed files with 7 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hc/front/urls.py
View File

@ -24,12 +24,8 @@ check_urls = [
] ]
channel_urls = [ channel_urls = [
path( path("add_pushbullet/", views.add_pushbullet_complete),
"add_pushbullet/", path("add_discord/", views.add_discord_complete),
views.add_pushbullet_complete,
name="hc-add-pushbullet-complete",
),
path("add_discord/", views.add_discord_complete, name="hc-add-discord-complete"),
path("add_linenotify/", views.add_linenotify_complete), path("add_linenotify/", views.add_linenotify_complete),
path("add_pushover/", views.pushover_help, name="hc-pushover-help"), path("add_pushover/", views.pushover_help, name="hc-pushover-help"),
path("telegram/", views.telegram_help, name="hc-telegram-help"), path("telegram/", views.telegram_help, name="hc-telegram-help"),

15
hc/front/views.py
View File

@ -1206,13 +1206,12 @@ def add_mattermost(request, code):
@login_required @login_required
def add_pushbullet(request, code): def add_pushbullet(request, code):
project = _get_rw_project_for_user(request, code) project = _get_rw_project_for_user(request, code)
redirect_uri = settings.SITE_ROOT + reverse("hc-add-pushbullet-complete")
state = token_urlsafe() state = token_urlsafe()
authorize_url = "https://www.pushbullet.com/authorize?" + urlencode( authorize_url = "https://www.pushbullet.com/authorize?" + urlencode(
{ {
"client_id": settings.PUSHBULLET_CLIENT_ID, "client_id": settings.PUSHBULLET_CLIENT_ID,
"redirect_uri": redirect_uri, "redirect_uri": settings.SITE_ROOT + reverse(add_pushbullet_complete),
"response_type": "code", "response_type": "code",
"state": state, "state": state,
} }
@ -1271,13 +1270,12 @@ def add_pushbullet_complete(request):
@login_required @login_required
def add_discord(request, code): def add_discord(request, code):
project = _get_rw_project_for_user(request, code) project = _get_rw_project_for_user(request, code)
redirect_uri = settings.SITE_ROOT + reverse("hc-add-discord-complete")
state = token_urlsafe() state = token_urlsafe()
auth_url = "https://discordapp.com/api/oauth2/authorize?" + urlencode( auth_url = "https://discordapp.com/api/oauth2/authorize?" + urlencode(
{ {
"client_id": settings.DISCORD_CLIENT_ID, "client_id": settings.DISCORD_CLIENT_ID,
"scope": "webhook.incoming", "scope": "webhook.incoming",
"redirect_uri": redirect_uri, "redirect_uri": settings.SITE_ROOT + reverse(add_discord_complete),
"response_type": "code", "response_type": "code",
"state": state, "state": state,
} }
@ -1305,7 +1303,6 @@ def add_discord_complete(request):
if request.GET.get("state") != state: if request.GET.get("state") != state:
return HttpResponseForbidden() return HttpResponseForbidden()
redirect_uri = settings.SITE_ROOT + reverse("hc-add-discord-complete")
result = requests.post( result = requests.post(
"https://discordapp.com/api/oauth2/token", "https://discordapp.com/api/oauth2/token",
{ {
@ -1313,7 +1310,7 @@ def add_discord_complete(request):
"client_secret": settings.DISCORD_CLIENT_SECRET, "client_secret": settings.DISCORD_CLIENT_SECRET,
"code": request.GET.get("code"), "code": request.GET.get("code"),
"grant_type": "authorization_code", "grant_type": "authorization_code",
"redirect_uri": redirect_uri, "redirect_uri": settings.SITE_ROOT + reverse(add_discord_complete),
}, },
) )
@ -1825,13 +1822,12 @@ def add_spike(request, code):
@login_required @login_required
def add_linenotify(request, code): def add_linenotify(request, code):
project = _get_rw_project_for_user(request, code) project = _get_rw_project_for_user(request, code)
redirect_uri = settings.SITE_ROOT + reverse(add_linenotify_complete)
state = token_urlsafe() state = token_urlsafe()
authorize_url = " https://notify-bot.line.me/oauth/authorize?" + urlencode( authorize_url = " https://notify-bot.line.me/oauth/authorize?" + urlencode(
{ {
"client_id": settings.LINENOTIFY_CLIENT_ID, "client_id": settings.LINENOTIFY_CLIENT_ID,
"redirect_uri": redirect_uri, "redirect_uri": settings.SITE_ROOT + reverse(add_linenotify_complete),
"response_type": "code", "response_type": "code",
"state": state, "state": state,
"scope": "notify", "scope": "notify",
@ -1864,13 +1860,12 @@ def add_linenotify_complete(request):
return redirect("hc-p-channels", project.code) return redirect("hc-p-channels", project.code)
# Exchange code for access token # Exchange code for access token
redirect_uri = settings.SITE_ROOT + reverse(add_linenotify_complete)
result = requests.post( result = requests.post(
"https://notify-bot.line.me/oauth/token", "https://notify-bot.line.me/oauth/token",
{ {
"grant_type": "authorization_code", "grant_type": "authorization_code",
"code": request.GET.get("code"), "code": request.GET.get("code"),
"redirect_uri": redirect_uri, "redirect_uri": settings.SITE_ROOT + reverse(add_linenotify_complete),
"client_id": settings.LINENOTIFY_CLIENT_ID, "client_id": settings.LINENOTIFY_CLIENT_ID,
"client_secret": settings.LINENOTIFY_CLIENT_SECRET, "client_secret": settings.LINENOTIFY_CLIENT_SECRET,
}, },