feat(third_party/lieer): Introduce configuration for OAuth client

It turns out I'm going to need multiple different OAuth clients for a
variety of reasons. This defaults to the client for tazj.in accounts,
but I use a different one in my work overlay.
This commit is contained in:
Vincent Ambo 2019-12-26 15:01:21 +01:00
parent cf9dd380f3
commit e76be6b401
2 changed files with 44 additions and 2 deletions

20
third_party/lieer/api_client.patch vendored Normal file
View file

@ -0,0 +1,20 @@
diff --git a/lieer/remote.py b/lieer/remote.py
index 6e3973a..62728f7 100644
--- a/lieer/remote.py
+++ b/lieer/remote.py
@@ -25,12 +25,12 @@ class Remote:
# * https://stackoverflow.com/questions/19615372/client-secret-in-oauth-2-0?rq=1
#
OAUTH2_CLIENT_SECRET = {
- "client_id":"753933720722-ju82fu305lii0v9rdo6mf9hj40l5juv0.apps.googleusercontent.com",
- "project_id":"capable-pixel-160614",
+ "client_id":"${CLIENT_ID}",
+ "project_id":"${PROJECT_ID}",
"auth_uri":"https://accounts.google.com/o/oauth2/auth",
"token_uri":"https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
- "client_secret":"8oudEG0Tvb7YI2V0ykp2Pzz9",
+ "client_secret":"${CLIENT_SECRET}",
"redirect_uris":["urn:ietf:wg:oauth:2.0:oob", "http://localhost"]
}

View file

@ -5,9 +5,28 @@
# version using the previous branding (gmailieer). # version using the previous branding (gmailieer).
{ pkgs, ... }: { pkgs, ... }:
# For a variety of reasons (specific to my setup), custom OAuth2
# scopes are used.
#
# The below client ID is the default for *@tazj.in and is overridden
# in a private repository for my work account. Publishing it here is
# not a security issue.
{
clientId ? "515965513093-7b4bo4gm0q09ccsmikkuaas9a40j0jcj.apps.googleusercontent.com",
clientSecret ? "3jVbpfT4GmubFD64svctJSdQ",
project ? "tazjins-infrastructure"
}:
with pkgs.third_party; with pkgs.third_party;
python3Packages.buildPythonApplication rec { let
authPatch = runCommand "client_secret.patch" {} ''
export CLIENT_ID='${clientId}'
export CLIENT_SECRET='${clientSecret}'
export PROJECT_ID='${project}'
cat ${./api_client.patch} | ${gettext}/bin/envsubst > $out
'';
in python3Packages.buildPythonApplication rec {
name = "lieer-${version}"; name = "lieer-${version}";
version = "1.0"; version = "1.0";
@ -18,7 +37,10 @@ python3Packages.buildPythonApplication rec {
sha256 = "1zzylv8xbcrh34bz0s29dawzcyx39lai8y8wk0bl4x75v1jfynvf"; sha256 = "1zzylv8xbcrh34bz0s29dawzcyx39lai8y8wk0bl4x75v1jfynvf";
}; };
patches = [ ./send_scope.patch ]; patches = [
authPatch
./send_scope.patch
];
propagatedBuildInputs = with python3Packages; [ propagatedBuildInputs = with python3Packages; [
notmuch notmuch