Include all incoming response attributes into token

ArtyomVancyan · ArtyomVancyan · commit 5a400105e453 · 2023-06-19T18:44:19.000+04:00
diff --git a/examples/airnominal/.env b/examples/airnominal/.env
@@ -1,8 +1,8 @@
-AIRNOMINAL_GITHUB_CLIENT_ID=eccd08d6736b7999a32a
-AIRNOMINAL_GITHUB_CLIENT_SECRET=642999c1c5f2b3df8b877afdc78252ef5b594d31
-AIRNOMINAL_GITHUB_REDIRECT_URL=http://127.0.0.1:8000/auth/callback
-AIRNMONIAL_MAIN_PAGE_REDIRECT_URL=http://127.0.0.1:8000/
+GITHUB_CLIENT_ID=eccd08d6736b7999a32a
+GITHUB_CLIENT_SECRET=642999c1c5f2b3df8b877afdc78252ef5b594d31
+GITHUB_REDIRECT_URL=http://127.0.0.1:8000/auth/callback
+MAIN_PAGE_REDIRECT_URL=http://127.0.0.1:8000/
 
-AIRNOMINAL_JWT_SECRET_KEY=secret
-AIRNOMINAL_JWT_ALGORITHM=HS256
-AIRNOMINAL_JWT_TOKEN_EXPIRES=300
+JWT_SECRET_KEY=secret
+JWT_ALGORITHM=HS256
+JWT_TOKEN_EXPIRES=300
diff --git a/examples/airnominal/auth.py b/examples/airnominal/auth.py
@@ -20,7 +20,7 @@
 
 router = APIRouter()
 
-# config for github SSO
+# config for GitHub SSO
 os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"
 
 sso = GithubSSO(
diff --git a/examples/airnominal/config.py b/examples/airnominal/config.py
@@ -4,13 +4,13 @@
 
 load_dotenv()
 
-# config for github SSO
-CLIENT_ID = os.getenv("AIRNOMINAL_GITHUB_CLIENT_ID")
-CLIENT_SECRET = os.getenv("AIRNOMINAL_GITHUB_CLIENT_SECRET")
-redirect_url = os.getenv("AIRNOMINAL_GITHUB_REDIRECT_URL")
-redirect_url_main_page = os.getenv("AIRNMONIAL_MAIN_PAGE_REDIRECT_URL")
+# config for GitHub SSO
+CLIENT_ID = os.getenv("GITHUB_CLIENT_ID")
+CLIENT_SECRET = os.getenv("GITHUB_CLIENT_SECRET")
+redirect_url = os.getenv("GITHUB_REDIRECT_URL")
+redirect_url_main_page = os.getenv("MAIN_PAGE_REDIRECT_URL")
 
 # config for jwt generation
-SECRET_KEY = os.getenv("AIRNOMINAL_JWT_SECRET_KEY")
-ALGORITHM = os.getenv("AIRNOMINAL_JWT_ALGORITHM")
-ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("AIRNOMINAL_JWT_TOKEN_EXPIRES"))
+SECRET_KEY = os.getenv("JWT_SECRET_KEY")
+ALGORITHM = os.getenv("JWT_ALGORITHM")
+ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("JWT_TOKEN_EXPIRES"))
diff --git a/examples/airnominal/fastapi_sso/base.py b/examples/airnominal/fastapi_sso/base.py
@@ -1,14 +1,11 @@
-"""SSO login base dependency
-"""
-# pylint: disable=too-few-public-methods
+"""SSO login base dependency"""
 
 import json
 import sys
 import warnings
 from typing import Any, Dict, List, Optional
 
 import httpx
-import pydantic
 from oauthlib.oauth2 import WebApplicationClient
 from starlette.exceptions import HTTPException
 from starlette.requests import Request
@@ -34,19 +31,6 @@ class SSOLoginError(HTTPException):
     """
 
 
-class OpenID(pydantic.BaseModel):  # pylint: disable=no-member
-    """Class (schema) to represent information got from sso provider in a common form."""
-
-    id: Optional[str] = None
-    email: Optional[str] = None
-    first_name: Optional[str] = None
-    last_name: Optional[str] = None
-    display_name: Optional[str] = None
-    picture: Optional[str] = None
-    provider: Optional[str] = None
-
-
-# pylint: disable=too-many-instance-attributes
 class SSOBase:
     """Base class (mixin) for all SSO providers"""
 
@@ -59,15 +43,14 @@ class SSOBase:
     additional_headers: Optional[Dict[str, Any]] = None
 
     def __init__(
-        self,
-        client_id: str,
-        client_secret: str,
-        redirect_uri: Optional[str] = None,
-        allow_insecure_http: bool = False,
-        use_state: bool = False,
-        scope: Optional[List[str]] = None,
+            self,
+            client_id: str,
+            client_secret: str,
+            redirect_uri: Optional[str] = None,
+            allow_insecure_http: bool = False,
+            use_state: bool = False,
+            scope: Optional[List[str]] = None,
     ):
-        # pylint: disable=too-many-arguments
         self.client_id = client_id
         self.client_secret = client_secret
         self.redirect_uri = redirect_uri
@@ -116,8 +99,8 @@ def refresh_token(self) -> Optional[str]:
         return self._refresh_token or self.oauth_client.refresh_token
 
     @classmethod
-    async def openid_from_response(cls, response: dict) -> OpenID:
-        """Return {OpenID} object from provider's user info endpoint response"""
+    async def openid_from_response(cls, response: dict) -> dict:
+        """Return {dict} object from provider's user info endpoint response"""
         raise NotImplementedError(f"Provider {cls.provider} not supported")
 
     async def get_discovery_document(self) -> DiscoveryDocument:
@@ -143,11 +126,11 @@ async def userinfo_endpoint(self) -> Optional[str]:
         return discovery.get("userinfo_endpoint")
 
     async def get_login_url(
-        self,
-        *,
-        redirect_uri: Optional[str] = None,
-        params: Optional[Dict[str, Any]] = None,
-        state: Optional[str] = None,
+            self,
+            *,
+            redirect_uri: Optional[str] = None,
+            params: Optional[Dict[str, Any]] = None,
+            state: Optional[str] = None,
     ) -> str:
         """Return prepared login url. This is low-level, see {get_login_redirect} instead."""
         params = params or {}
@@ -160,11 +143,11 @@ async def get_login_url(
         return request_uri
 
     async def get_login_redirect(
-        self,
-        *,
-        redirect_uri: Optional[str] = None,
-        params: Optional[Dict[str, Any]] = None,
-        state: Optional[str] = None,
+            self,
+            *,
+            redirect_uri: Optional[str] = None,
+            params: Optional[Dict[str, Any]] = None,
+            state: Optional[str] = None,
     ) -> RedirectResponse:
         """Return redirect response by Stalette to login page of Oauth SSO provider
 
@@ -182,13 +165,13 @@ async def get_login_redirect(
         return response
 
     async def verify_and_process(
-        self,
-        request: Request,
-        *,
-        params: Optional[Dict[str, Any]] = None,
-        headers: Optional[Dict[str, Any]] = None,
-        redirect_uri: Optional[str] = None,
-    ) -> Optional[OpenID]:
+            self,
+            request: Request,
+            *,
+            params: Optional[Dict[str, Any]] = None,
+            headers: Optional[Dict[str, Any]] = None,
+            redirect_uri: Optional[str] = None,
+    ) -> Optional[dict]:
         """Get FastAPI (Starlette) Request object and process login.
         This handler should be used for your /callback path.
 
@@ -197,7 +180,7 @@ async def verify_and_process(
             params {Optional[Dict[str, Any]]} -- Optional additional query parameters to pass to the provider
 
         Returns:
-            Optional[OpenID] -- OpenID if the login was successfull
+            Optional[dict] -- dict if the login was successfully
         """
         headers = headers or {}
         code = request.query_params.get("code")
@@ -209,22 +192,21 @@ async def verify_and_process(
         )
 
     async def process_login(
-        self,
-        code: str,
-        request: Request,
-        *,
-        params: Optional[Dict[str, Any]] = None,
-        additional_headers: Optional[Dict[str, Any]] = None,
-        redirect_uri: Optional[str] = None,
-    ) -> Optional[OpenID]:
+            self,
+            code: str,
+            request: Request,
+            *,
+            params: Optional[Dict[str, Any]] = None,
+            additional_headers: Optional[Dict[str, Any]] = None,
+            redirect_uri: Optional[str] = None,
+    ) -> Optional[dict]:
         """This method should be called from callback endpoint to verify the user and request user info endpoint.
         This is low level, you should use {verify_and_process} instead.
 
         Arguments:
             params {Optional[Dict[str, Any]]} -- Optional additional query parameters to pass to the provider
             additional_headers {Optional[Dict[str, Any]]} -- Optional additional headers to be added to all requests
         """
-        # pylint: disable=too-many-locals
         params = params or {}
         additional_headers = additional_headers or {}
         additional_headers.update(self.additional_headers or {})
diff --git a/examples/airnominal/fastapi_sso/github.py b/examples/airnominal/fastapi_sso/github.py
@@ -1,10 +1,10 @@
-"""Github SSO Oauth Helper class"""
+"""GitHub SSO Oauth Helper class"""
 
-from .base import DiscoveryDocument, OpenID, SSOBase
+from .base import DiscoveryDocument, SSOBase
 
 
 class GithubSSO(SSOBase):
-    """Class providing login via Github SSO"""
+    """Class providing login via GitHub SSO"""
 
     provider = "github"
     scope = ["user:email"]
@@ -18,11 +18,5 @@ async def get_discovery_document(self) -> DiscoveryDocument:
         }
 
     @classmethod
-    async def openid_from_response(cls, response: dict) -> OpenID:
-        return OpenID(
-            email=response["email"],
-            provider=cls.provider,
-            id=response["id"],
-            display_name=response["login"],
-            picture=response["avatar_url"],
-        )
+    async def openid_from_response(cls, response: dict) -> dict:
+        return {**response, "provider": cls.provider}
diff --git a/examples/airnominal/templates/index.html b/examples/airnominal/templates/index.html
@@ -9,8 +9,8 @@
 </head>
 <body>
 {% if request.user %}
-    <h1>Hello, {{ request.user.display_name }}</h1>
-    <img src="{{ request.user.picture }}" alt="Pic">
+    <h1>Hello, {{ request.user.name }}</h1>
+    <img src="{{ request.user.avatar_url }}" alt="Pic">
     <a href="/auth/logout">Logout</a>
 {% else %}
     <a href="/auth/login">Sign in</a>
