Finally proper callback and redirect urls

src/paperless/settings.py

@@ -1198,11 +1198,16 @@ EMPTY_TRASH_DELAY = max(__get_int("PAPERLESS_EMPTY_TRASH_DELAY", 30), 1)
 
 
 ###############################################################################
-# Oauth Email Providers                                                       #
+# Oauth Email                                                                 #
 ###############################################################################
+OAUTH_CALLBACK_BASE_URL = os.getenv("PAPERLESS_OAUTH_CALLBACK_BASE_URL")
 GMAIL_OAUTH_CLIENT_ID = os.getenv("PAPERLESS_GMAIL_OAUTH_CLIENT_ID")
 GMAIL_OAUTH_CLIENT_SECRET = os.getenv("PAPERLESS_GMAIL_OAUTH_CLIENT_SECRET")
-GMAIL_OAUTH_ENABLED = bool(GMAIL_OAUTH_CLIENT_ID and GMAIL_OAUTH_CLIENT_SECRET)
+GMAIL_OAUTH_ENABLED = bool(
+    OAUTH_CALLBACK_BASE_URL and GMAIL_OAUTH_CLIENT_ID and GMAIL_OAUTH_CLIENT_SECRET,
+)
 OUTLOOK_OAUTH_CLIENT_ID = os.getenv("PAPERLESS_OUTLOOK_OAUTH_CLIENT_ID")
 OUTLOOK_OAUTH_CLIENT_SECRET = os.getenv("PAPERLESS_OUTLOOK_OAUTH_CLIENT_SECRET")
-OUTLOOK_OAUTH_ENABLED = bool(OUTLOOK_OAUTH_CLIENT_ID and OUTLOOK_OAUTH_CLIENT_SECRET)
+OUTLOOK_OAUTH_ENABLED = bool(
+    OAUTH_CALLBACK_BASE_URL and OUTLOOK_OAUTH_CLIENT_ID and OUTLOOK_OAUTH_CLIENT_SECRET,
+)

src/paperless_mail/oauth.py

@@ -19,11 +19,18 @@ OUTLOOK_OAUTH_ENDPOINT_AUTH = (
 )
 
 
+def get_oauth_callback_url() -> str:
+    return f"{settings.OAUTH_CALLBACK_BASE_URL if settings.OAUTH_CALLBACK_BASE_URL is not None else settings.PAPERLESS_URL}{settings.BASE_URL}api/oauth/callback/"
+
+
+def get_oauth_redirect_url() -> str:
+    return f"{'http://localhost:4200/' if settings.DEBUG else settings.BASE_URL}mail"  # e.g. "http://localhost:4200/mail" or "/mail"
+
+
 def generate_gmail_oauth_url() -> str:
     response_type = "code"
     client_id = settings.GMAIL_OAUTH_CLIENT_ID
-    # TODO: Fix URL
-    redirect_uri = "http://localhost:8000/api/oauth/callback/"
+    redirect_uri = get_oauth_callback_url()
     scope = "https://mail.google.com/"
     access_type = "offline"
     url = f"{GMAIL_OAUTH_ENDPOINT_AUTH}?response_type={response_type}&client_id={client_id}&redirect_uri={redirect_uri}&scope={scope}&access_type={access_type}&prompt=consent"
@@ -33,8 +40,7 @@ def generate_gmail_oauth_url() -> str:
 def generate_outlook_oauth_url() -> str:
     response_type = "code"
     client_id = settings.OUTLOOK_OAUTH_CLIENT_ID
-    # TODO: Fix URL
-    redirect_uri = "http://localhost:8000/api/oauth/callback/"
+    redirect_uri = get_oauth_callback_url()
     scope = "offline_access https://outlook.office.com/IMAP.AccessAsUser.All"
     url = f"{OUTLOOK_OAUTH_ENDPOINT_AUTH}?response_type={response_type}&response_mode=query&client_id={client_id}&redirect_uri={redirect_uri}&scope={scope}"
     return url
@@ -50,8 +56,7 @@ def generate_gmail_oauth_token_request_data(code: str) -> dict:
         "client_id": client_id,
         "client_secret": client_secret,
         "scope": scope,
-        # TODO: Fix URL
-        "redirect_uri": "http://localhost:8000/api/oauth/callback/",
+        "redirect_uri": get_oauth_callback_url(),
         "grant_type": "authorization_code",
     }
 
@@ -66,8 +71,7 @@ def generate_outlook_oauth_token_request_data(code: str) -> dict:
         "client_id": client_id,
         "client_secret": client_secret,
         "scope": scope,
-        # TODO: Fix URL
-        "redirect_uri": "http://localhost:8000/api/oauth/callback/",
+        "redirect_uri": get_oauth_callback_url(),
         "grant_type": "authorization_code",
     }
 

src/paperless_mail/tests/test_mail_oauth.py

@@ -4,11 +4,14 @@ from unittest import mock
 from django.conf import settings
 from django.contrib.auth.models import User
 from django.test import TestCase
+from django.test import override_settings
 from django.utils import timezone
 from rest_framework import status
 
 from paperless_mail.mail import MailAccountHandler
 from paperless_mail.models import MailAccount
+from paperless_mail.oauth import get_oauth_callback_url
+from paperless_mail.oauth import get_oauth_redirect_url
 
 
 class TestMailOAuth(
@@ -25,6 +28,51 @@ class TestMailOAuth(
         settings.OUTLOOK_OAUTH_CLIENT_SECRET = "test_outlook_client_secret"
         super().setUp()
 
+    def test_generate_paths(self):
+        """
+        GIVEN:
+            - Mocked settings for OAuth callback and base URLs
+        WHEN:
+            - get_oauth_callback_url and get_oauth_redirect_url are called
+        THEN:
+            - Correct URLs are generated
+        """
+        # Callback URL
+        with override_settings(OAUTH_CALLBACK_BASE_URL="http://paperless.example.com"):
+            self.assertEqual(
+                get_oauth_callback_url(),
+                "http://paperless.example.com/api/oauth/callback/",
+            )
+        with override_settings(
+            OAUTH_CALLBACK_BASE_URL=None,
+            PAPERLESS_URL="http://paperless.example.com",
+        ):
+            self.assertEqual(
+                get_oauth_callback_url(),
+                "http://paperless.example.com/api/oauth/callback/",
+            )
+        with override_settings(
+            OAUTH_CALLBACK_BASE_URL=None,
+            PAPERLESS_URL="http://paperless.example.com",
+            BASE_URL="/paperless/",
+        ):
+            self.assertEqual(
+                get_oauth_callback_url(),
+                "http://paperless.example.com/paperless/api/oauth/callback/",
+            )
+
+        # Redirect URL
+        with override_settings(DEBUG=True):
+            self.assertEqual(
+                get_oauth_redirect_url(),
+                "http://localhost:4200/mail",
+            )
+        with override_settings(DEBUG=False):
+            self.assertEqual(
+                get_oauth_redirect_url(),
+                "/mail",
+            )
+
     @mock.patch("httpx.post")
     def test_oauth_callback_view(self, mock_post):
         """

src/paperless_mail/views.py

@@ -24,6 +24,7 @@ from paperless_mail.oauth import GMAIL_OAUTH_ENDPOINT_TOKEN
 from paperless_mail.oauth import OUTLOOK_OAUTH_ENDPOINT_TOKEN
 from paperless_mail.oauth import generate_gmail_oauth_token_request_data
 from paperless_mail.oauth import generate_outlook_oauth_token_request_data
+from paperless_mail.oauth import get_oauth_redirect_url
 from paperless_mail.oauth import refresh_oauth_token
 from paperless_mail.serialisers import MailAccountSerializer
 from paperless_mail.serialisers import MailRuleSerializer
@@ -148,9 +149,8 @@ class OauthCallbackView(GenericAPIView):
 
         if "error" in data:
             logger.error(f"Error {response.status_code} getting access token: {data}")
-            # TODO: Fix URL
             return HttpResponseRedirect(
-                "http://localhost:4200/mail?oauth_success=0",
+                f"{get_oauth_redirect_url()}?oauth_success=0",
             )
         elif "access_token" in data:
             access_token = data["access_token"]
@@ -164,7 +164,6 @@ class OauthCallbackView(GenericAPIView):
                 expiration=timezone.now() + timedelta(seconds=expires_in),
                 defaults=defaults,
             )
-            # TODO: Fix URL
             return HttpResponseRedirect(
-                f"http://localhost:4200/mail?oauth_success=1&account_id={account.pk}",
+                f"{get_oauth_redirect_url()}?oauth_success=1&account_id={account.pk}",
             )