feat(third_party/lieer): Introduce configuration for OAuth client
It turns out I'm going to need multiple different OAuth clients for a variety of reasons. This defaults to the client for tazj.in accounts, but I use a different one in my work overlay.
This commit is contained in:
parent
cf9dd380f3
commit
e76be6b401
2 changed files with 44 additions and 2 deletions
20
third_party/lieer/api_client.patch
vendored
Normal file
20
third_party/lieer/api_client.patch
vendored
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
diff --git a/lieer/remote.py b/lieer/remote.py
|
||||||
|
index 6e3973a..62728f7 100644
|
||||||
|
--- a/lieer/remote.py
|
||||||
|
+++ b/lieer/remote.py
|
||||||
|
@@ -25,12 +25,12 @@ class Remote:
|
||||||
|
# * https://stackoverflow.com/questions/19615372/client-secret-in-oauth-2-0?rq=1
|
||||||
|
#
|
||||||
|
OAUTH2_CLIENT_SECRET = {
|
||||||
|
- "client_id":"753933720722-ju82fu305lii0v9rdo6mf9hj40l5juv0.apps.googleusercontent.com",
|
||||||
|
- "project_id":"capable-pixel-160614",
|
||||||
|
+ "client_id":"${CLIENT_ID}",
|
||||||
|
+ "project_id":"${PROJECT_ID}",
|
||||||
|
"auth_uri":"https://accounts.google.com/o/oauth2/auth",
|
||||||
|
"token_uri":"https://accounts.google.com/o/oauth2/token",
|
||||||
|
"auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
|
||||||
|
- "client_secret":"8oudEG0Tvb7YI2V0ykp2Pzz9",
|
||||||
|
+ "client_secret":"${CLIENT_SECRET}",
|
||||||
|
"redirect_uris":["urn:ietf:wg:oauth:2.0:oob", "http://localhost"]
|
||||||
|
}
|
||||||
|
|
26
third_party/lieer/default.nix
vendored
26
third_party/lieer/default.nix
vendored
|
@ -5,9 +5,28 @@
|
||||||
# version using the previous branding (gmailieer).
|
# version using the previous branding (gmailieer).
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
# For a variety of reasons (specific to my setup), custom OAuth2
|
||||||
|
# scopes are used.
|
||||||
|
#
|
||||||
|
# The below client ID is the default for *@tazj.in and is overridden
|
||||||
|
# in a private repository for my work account. Publishing it here is
|
||||||
|
# not a security issue.
|
||||||
|
{
|
||||||
|
clientId ? "515965513093-7b4bo4gm0q09ccsmikkuaas9a40j0jcj.apps.googleusercontent.com",
|
||||||
|
clientSecret ? "3jVbpfT4GmubFD64svctJSdQ",
|
||||||
|
project ? "tazjins-infrastructure"
|
||||||
|
}:
|
||||||
|
|
||||||
with pkgs.third_party;
|
with pkgs.third_party;
|
||||||
|
|
||||||
python3Packages.buildPythonApplication rec {
|
let
|
||||||
|
authPatch = runCommand "client_secret.patch" {} ''
|
||||||
|
export CLIENT_ID='${clientId}'
|
||||||
|
export CLIENT_SECRET='${clientSecret}'
|
||||||
|
export PROJECT_ID='${project}'
|
||||||
|
cat ${./api_client.patch} | ${gettext}/bin/envsubst > $out
|
||||||
|
'';
|
||||||
|
in python3Packages.buildPythonApplication rec {
|
||||||
name = "lieer-${version}";
|
name = "lieer-${version}";
|
||||||
version = "1.0";
|
version = "1.0";
|
||||||
|
|
||||||
|
@ -18,7 +37,10 @@ python3Packages.buildPythonApplication rec {
|
||||||
sha256 = "1zzylv8xbcrh34bz0s29dawzcyx39lai8y8wk0bl4x75v1jfynvf";
|
sha256 = "1zzylv8xbcrh34bz0s29dawzcyx39lai8y8wk0bl4x75v1jfynvf";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [ ./send_scope.patch ];
|
patches = [
|
||||||
|
authPatch
|
||||||
|
./send_scope.patch
|
||||||
|
];
|
||||||
|
|
||||||
propagatedBuildInputs = with python3Packages; [
|
propagatedBuildInputs = with python3Packages; [
|
||||||
notmuch
|
notmuch
|
||||||
|
|
Loading…
Reference in a new issue