updated the oauth2 providers to use the existing oauth2 endpoints and removed the email from spotify

2024-11-28 10:03:42 +02:00 · 2022-11-13 13:25:14 +02:00 · 2022-11-13 13:25:14 +02:00 · c95e50c8a5
commit c95e50c8a5
parent bac5d76725
3 changed files with 17 additions and 9 deletions
--- a/tools/auth/facebook.go
+++ b/tools/auth/facebook.go
@ -2,6 +2,7 @@ package auth

 import (
 	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/facebook"
 )

 var _ Provider = (*Facebook)(nil)
@ -18,8 +19,8 @@ type Facebook struct {
 func NewFacebookProvider() *Facebook {
 	return &Facebook{&baseProvider{
 		scopes:     []string{"email"},
-		authUrl:    "https://www.facebook.com/dialog/oauth",
-		tokenUrl:   "https://graph.facebook.com/oauth/access_token",
+		authUrl:    facebook.Endpoint.AuthURL,
+		tokenUrl:   facebook.Endpoint.TokenURL,
 		userApiUrl: "https://graph.facebook.com/me?fields=name,email,picture.type(large)",
 	}}
 }
--- a/tools/auth/github.go
+++ b/tools/auth/github.go
@ -6,6 +6,7 @@ import (
 	"strconv"

 	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/github"
 )

 var _ Provider = (*Github)(nil)
@ -22,8 +23,8 @@ type Github struct {
 func NewGithubProvider() *Github {
 	return &Github{&baseProvider{
 		scopes:     []string{"read:user", "user:email"},
-		authUrl:    "https://github.com/login/oauth/authorize",
-		tokenUrl:   "https://github.com/login/oauth/access_token",
+		authUrl:    github.Endpoint.AuthURL,
+		tokenUrl:   github.Endpoint.TokenURL,
 		userApiUrl: "https://api.github.com/user",
 	}}
 }
--- a/tools/auth/spotify.go
+++ b/tools/auth/spotify.go
@ -18,7 +18,11 @@ type Spotify struct {
 // NewSpotifyProvider creates a new Spotify provider instance with some defaults.
 func NewSpotifyProvider() *Spotify {
 	return &Spotify{&baseProvider{
-		scopes:     []string{"user-read-private", "user-read-email"},
+		scopes: []string{
+			"user-read-private",
+			// currently Spotify doesn't return information whether the email is verified or not
+			// "user-read-email",
+		},
 		authUrl:    spotify.Endpoint.AuthURL,
 		tokenUrl:   spotify.Endpoint.TokenURL,
 		userApiUrl: "https://api.spotify.com/v1/me",
@ -31,10 +35,13 @@ func (p *Spotify) FetchAuthUser(token *oauth2.Token) (*AuthUser, error) {
 	rawData := struct {
 		Id     string `json:"id"`
 		Name   string `json:"display_name"`
-		Email  string `json:"email"`
 		Images []struct {
 			Url string `json:"url"`
 		} `json:"images"`
+		// don't map the email because per the official docs
+		// the email field is "unverified" and there is no proof
+		// that it actually belongs to the user
+		// Email  string `json:"email"`
 	}{}

 	if err := p.FetchRawUserData(token, &rawData); err != nil {
@ -42,9 +49,8 @@ func (p *Spotify) FetchAuthUser(token *oauth2.Token) (*AuthUser, error) {
 	}

 	user := &AuthUser{
-		Id:    rawData.Id,
-		Name:  rawData.Name,
-		Email: rawData.Email,
+		Id:   rawData.Id,
+		Name: rawData.Name,
 	}
 	if len(rawData.Images) > 0 {
 		user.AvatarUrl = rawData.Images[0].Url