diff --git a/src/paperless_mail/oauth.py b/src/paperless_mail/oauth.py index 6603757d0..f7b39062d 100644 --- a/src/paperless_mail/oauth.py +++ b/src/paperless_mail/oauth.py @@ -9,30 +9,38 @@ from paperless_mail.models import MailAccount # Gmail setup guide: https://postmansmtp.com/how-to-configure-post-smtp-with-gmailgsuite-using-oauth/ # Outlok setup guide: https://medium.com/@manojkumardhakad/python-read-and-send-outlook-mail-using-oauth2-token-and-graph-api-53de606ecfa1 +GMAIL_OAUTH_ENDPOINT_TOKEN = "https://accounts.google.com/o/oauth2/token" +GMAIL_OAUTH_ENDPOINT_AUTH = "https://accounts.google.com/o/oauth2/auth" +OUTLOOK_OAUTH_ENDPOINT_TOKEN = ( + "https://login.microsoftonline.com/common/oauth2/v2.0/token" +) +OUTLOOK_OAUTH_ENDPOINT_AUTH = ( + "https://login.microsoftonline.com/common/oauth2/v2.0/authorize" +) def generate_gmail_oauth_url() -> str: - token_request_uri = "https://accounts.google.com/o/oauth2/auth" response_type = "code" client_id = settings.GMAIL_OAUTH_CLIENT_ID + # TODO: Fix URL redirect_uri = "http://localhost:8000/api/oauth/callback/" scope = "https://mail.google.com/" access_type = "offline" - url = f"{token_request_uri}?response_type={response_type}&client_id={client_id}&redirect_uri={redirect_uri}&scope={scope}&access_type={access_type}&prompt=consent" + url = f"{GMAIL_OAUTH_ENDPOINT_AUTH}?response_type={response_type}&client_id={client_id}&redirect_uri={redirect_uri}&scope={scope}&access_type={access_type}&prompt=consent" return url def generate_outlook_oauth_url() -> str: - token_request_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize" response_type = "code" client_id = settings.OUTLOOK_OAUTH_CLIENT_ID + # TODO: Fix URL redirect_uri = "http://localhost:8000/api/oauth/callback/" scope = "offline_access https://outlook.office.com/IMAP.AccessAsUser.All" - url = f"{token_request_uri}?response_type={response_type}&response_mode=query&client_id={client_id}&redirect_uri={redirect_uri}&scope={scope}" + url = f"{OUTLOOK_OAUTH_ENDPOINT_AUTH}?response_type={response_type}&response_mode=query&client_id={client_id}&redirect_uri={redirect_uri}&scope={scope}" return url -def generate_gmail_token_request_data(code: str) -> dict: +def generate_gmail_oauth_token_request_data(code: str) -> dict: client_id = settings.GMAIL_OAUTH_CLIENT_ID client_secret = settings.GMAIL_OAUTH_CLIENT_SECRET scope = "https://mail.google.com/" @@ -42,12 +50,13 @@ def generate_gmail_token_request_data(code: str) -> dict: "client_id": client_id, "client_secret": client_secret, "scope": scope, + # TODO: Fix URL "redirect_uri": "http://localhost:8000/api/oauth/callback/", "grant_type": "authorization_code", } -def generate_outlook_token_request_data(code: str) -> dict: +def generate_outlook_oauth_token_request_data(code: str) -> dict: client_id = settings.OUTLOOK_OAUTH_CLIENT_ID client_secret = settings.OUTLOOK_OAUTH_CLIENT_SECRET scope = "offline_access https://outlook.office.com/IMAP.AccessAsUser.All" @@ -57,6 +66,7 @@ def generate_outlook_token_request_data(code: str) -> dict: "client_id": client_id, "client_secret": client_secret, "scope": scope, + # TODO: Fix URL "redirect_uri": "http://localhost:8000/api/oauth/callback/", "grant_type": "authorization_code", } @@ -73,7 +83,7 @@ def refresh_oauth_token(account: MailAccount) -> bool: return False if account.account_type == MailAccount.MailAccountType.GMAIL_OAUTH: - url = "https://accounts.google.com/o/oauth2/token" + url = GMAIL_OAUTH_ENDPOINT_TOKEN data = { "client_id": settings.GMAIL_OAUTH_CLIENT_ID, "client_secret": settings.GMAIL_OAUTH_CLIENT_SECRET, @@ -81,7 +91,7 @@ def refresh_oauth_token(account: MailAccount) -> bool: "grant_type": "refresh_token", } elif account.account_type == MailAccount.MailAccountType.OUTLOOK_OAUTH: - url = "https://login.microsoftonline.com/common/oauth2/v2.0/token" + url = OUTLOOK_OAUTH_ENDPOINT_TOKEN data = { "client_id": settings.OUTLOOK_OAUTH_CLIENT_ID, "client_secret": settings.OUTLOOK_OAUTH_CLIENT_SECRET, diff --git a/src/paperless_mail/views.py b/src/paperless_mail/views.py index dbbd97091..0f9e00879 100644 --- a/src/paperless_mail/views.py +++ b/src/paperless_mail/views.py @@ -21,8 +21,10 @@ from paperless_mail.mail import mailbox_login from paperless_mail.mail import refresh_oauth_token from paperless_mail.models import MailAccount from paperless_mail.models import MailRule -from paperless_mail.oauth import generate_gmail_token_request_data -from paperless_mail.oauth import generate_outlook_token_request_data +from paperless_mail.oauth import GMAIL_OAUTH_ENDPOINT_TOKEN +from paperless_mail.oauth import OUTLOOK_OAUTH_ENDPOINT_TOKEN +from paperless_mail.oauth import generate_gmail_oauth_token_request_data +from paperless_mail.oauth import generate_outlook_oauth_token_request_data from paperless_mail.serialisers import MailAccountSerializer from paperless_mail.serialisers import MailRuleSerializer @@ -121,8 +123,8 @@ class OauthCallbackView(GenericAPIView): "imap_port": 993, "account_type": account_type, } - token_request_uri = "https://accounts.google.com/o/oauth2/token" - data = generate_gmail_token_request_data(code) + token_request_uri = GMAIL_OAUTH_ENDPOINT_TOKEN + data = generate_gmail_oauth_token_request_data(code) elif scope is None: # Outlook @@ -136,10 +138,8 @@ class OauthCallbackView(GenericAPIView): "account_type": account_type, } - token_request_uri = ( - "https://login.microsoftonline.com/common/oauth2/v2.0/token" - ) - data = generate_outlook_token_request_data(code) + token_request_uri = OUTLOOK_OAUTH_ENDPOINT_TOKEN + data = generate_outlook_oauth_token_request_data(code) headers = { "Content-Type": "application/x-www-form-urlencoded", @@ -149,6 +149,7 @@ class OauthCallbackView(GenericAPIView): if "error" in data: logger.error(f"Error {response.status_code} getting access token: {data}") + # TODO: Fix URL return HttpResponseRedirect( "http://localhost:4200/mail?oauth_success=0", ) @@ -164,6 +165,7 @@ class OauthCallbackView(GenericAPIView): expiration=timezone.now() + timedelta(seconds=expires_in), defaults=defaults, ) + # TODO: Fix URL return HttpResponseRedirect( f"http://localhost:4200/mail?oauth_success=1&account_id={account.pk}", )