From b5b1ed58873bae730ecb10ec5d091fe7e39ae8cd Mon Sep 17 00:00:00 2001 From: Jens L Date: Tue, 9 May 2023 23:41:24 +0200 Subject: [PATCH] sources/oauth: fix reddit (#5557) --- authentik/sources/oauth/models.py | 9 ++++++ authentik/sources/oauth/types/reddit.py | 15 +++++----- schema.yml | 2 +- web/authentik/sources/reddit.svg | 37 +++++++++++++++++++++++++ 4 files changed, 55 insertions(+), 8 deletions(-) create mode 100644 web/authentik/sources/reddit.svg diff --git a/authentik/sources/oauth/models.py b/authentik/sources/oauth/models.py index 602cde4ea..7d8dd2fb7 100644 --- a/authentik/sources/oauth/models.py +++ b/authentik/sources/oauth/models.py @@ -217,6 +217,15 @@ class OktaOAuthSource(OAuthSource): verbose_name_plural = _("Okta OAuth Sources") +class RedditOAuthSource(OAuthSource): + """Social Login using reddit.com.""" + + class Meta: + abstract = True + verbose_name = _("Reddit OAuth Source") + verbose_name_plural = _("Reddit OAuth Sources") + + class UserOAuthSourceConnection(UserSourceConnection): """Authorized remote OAuth provider.""" diff --git a/authentik/sources/oauth/types/reddit.py b/authentik/sources/oauth/types/reddit.py index 7ad2a2754..39018066a 100644 --- a/authentik/sources/oauth/types/reddit.py +++ b/authentik/sources/oauth/types/reddit.py @@ -3,7 +3,7 @@ from typing import Any from requests.auth import HTTPBasicAuth -from authentik.sources.oauth.clients.oauth2 import OAuth2Client +from authentik.sources.oauth.clients.oauth2 import UserprofileHeaderAuthClient from authentik.sources.oauth.types.registry import SourceType, registry from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.redirect import OAuthRedirect @@ -14,12 +14,12 @@ class RedditOAuthRedirect(OAuthRedirect): def get_additional_parameters(self, source): # pragma: no cover return { - "scope": ["identity"], + "scope": "identity", "duration": "permanent", } -class RedditOAuth2Client(OAuth2Client): +class RedditOAuth2Client(UserprofileHeaderAuthClient): """Reddit OAuth2 Client""" def get_access_token(self, **request_kwargs): @@ -37,6 +37,7 @@ class RedditOAuth2Callback(OAuthCallback): self, info: dict[str, Any], ) -> dict[str, Any]: + print(info) return { "username": info.get("name"), "email": None, @@ -51,9 +52,9 @@ class RedditType(SourceType): callback_view = RedditOAuth2Callback redirect_view = RedditOAuthRedirect - name = "reddit" + name = "Reddit" slug = "reddit" - authorization_url = "https://accounts.google.com/o/oauth2/auth" - access_token_url = "https://accounts.google.com/o/oauth2/token" # nosec - profile_url = "https://www.googleapis.com/oauth2/v1/userinfo" + authorization_url = "https://www.reddit.com/api/v1/authorize" + access_token_url = "https://www.reddit.com/api/v1/access_token" # nosec + profile_url = "https://oauth.reddit.com/api/v1/me" diff --git a/schema.yml b/schema.yml index d154dd68e..020d2732c 100644 --- a/schema.yml +++ b/schema.yml @@ -38507,7 +38507,7 @@ components: * `openidconnect` - OpenID Connect * `okta` - Okta * `patreon` - Patreon - * `reddit` - reddit + * `reddit` - Reddit * `twitch` - Twitch * `twitter` - Twitter ProxyMode: diff --git a/web/authentik/sources/reddit.svg b/web/authentik/sources/reddit.svg new file mode 100644 index 000000000..9f160604b --- /dev/null +++ b/web/authentik/sources/reddit.svg @@ -0,0 +1,37 @@ + + + + + + + + + + + + + + + + + + + + + + +