@@ -264,6 +264,7 @@ def _create_oauth_proxy_provider(config: OAuthProxyConfig) -> "AuthProvider":
264264 env_value = env_value .strip ()
265265 try :
266266 from urllib .parse import urlparse
267+
267268 parsed = urlparse (env_value )
268269 if not parsed .scheme or not parsed .netloc :
269270 raise ValueError (
@@ -292,6 +293,7 @@ def _create_oauth_proxy_provider(config: OAuthProxyConfig) -> "AuthProvider":
292293 env_value = env_value .strip ()
293294 try :
294295 from urllib .parse import urlparse
296+
295297 parsed = urlparse (env_value )
296298 if not parsed .scheme or not parsed .netloc :
297299 raise ValueError (
@@ -300,26 +302,21 @@ def _create_oauth_proxy_provider(config: OAuthProxyConfig) -> "AuthProvider":
300302 )
301303 if parsed .scheme not in ("http" , "https" ):
302304 raise ValueError (
303- f"Token endpoint from { config .token_endpoint_env_var } "
304- f"must use http or https: '{ env_value } '"
305+ f"Token endpoint from { config .token_endpoint_env_var } must use http or https: '{ env_value } '"
305306 )
306307 token_endpoint = env_value
307308 except Exception as e :
308309 if isinstance (e , ValueError ):
309310 raise
310- raise ValueError (
311- f"Invalid token_endpoint from { config .token_endpoint_env_var } : { e } "
312- ) from e
311+ raise ValueError (f"Invalid token_endpoint from { config .token_endpoint_env_var } : { e } " ) from e
313312
314313 client_id = config .client_id
315314 if config .client_id_env_var :
316315 env_value = os .environ .get (config .client_id_env_var )
317316 if env_value :
318317 client_id = env_value .strip ()
319318 if not client_id :
320- raise ValueError (
321- f"Client ID from environment variable { config .client_id_env_var } cannot be empty"
322- )
319+ raise ValueError (f"Client ID from environment variable { config .client_id_env_var } cannot be empty" )
323320
324321 client_secret = config .client_secret
325322 if config .client_secret_env_var :
@@ -339,24 +336,19 @@ def _create_oauth_proxy_provider(config: OAuthProxyConfig) -> "AuthProvider":
339336 env_value = env_value .strip ()
340337 try :
341338 from urllib .parse import urlparse
339+
342340 parsed = urlparse (env_value )
343341 if not parsed .scheme or not parsed .netloc :
344342 raise ValueError (
345- f"Invalid base_url from environment variable "
346- f"{ config .base_url_env_var } : '{ env_value } '"
343+ f"Invalid base_url from environment variable { config .base_url_env_var } : '{ env_value } '"
347344 )
348345 if parsed .scheme not in ("http" , "https" ):
349- raise ValueError (
350- f"Base URL from { config .base_url_env_var } "
351- f"must use http or https: '{ env_value } '"
352- )
346+ raise ValueError (f"Base URL from { config .base_url_env_var } must use http or https: '{ env_value } '" )
353347 base_url = env_value
354348 except Exception as e :
355349 if isinstance (e , ValueError ):
356350 raise
357- raise ValueError (
358- f"Invalid base_url from { config .base_url_env_var } : { e } "
359- ) from e
351+ raise ValueError (f"Invalid base_url from { config .base_url_env_var } : { e } " ) from e
360352
361353 revocation_endpoint = config .revocation_endpoint
362354 if config .revocation_endpoint_env_var :
@@ -367,6 +359,7 @@ def _create_oauth_proxy_provider(config: OAuthProxyConfig) -> "AuthProvider":
367359 if env_value : # Only validate if not empty
368360 try :
369361 from urllib .parse import urlparse
362+
370363 parsed = urlparse (env_value )
371364 if not parsed .scheme or not parsed .netloc :
372365 raise ValueError (
@@ -388,28 +381,37 @@ def _create_oauth_proxy_provider(config: OAuthProxyConfig) -> "AuthProvider":
388381
389382 # Final validation: ensure all required fields have values after env resolution
390383 if not authorization_endpoint :
391- env_var_hint = f" (environment variable { config .authorization_endpoint_env_var } is not set)" \
392- if config .authorization_endpoint_env_var else ""
384+ env_var_hint = (
385+ f" (environment variable { config .authorization_endpoint_env_var } is not set)"
386+ if config .authorization_endpoint_env_var
387+ else ""
388+ )
393389 raise ValueError (f"Authorization endpoint is required but not provided{ env_var_hint } " )
394390
395391 if not token_endpoint :
396- env_var_hint = f" (environment variable { config .token_endpoint_env_var } is not set)" \
397- if config .token_endpoint_env_var else ""
392+ env_var_hint = (
393+ f" (environment variable { config .token_endpoint_env_var } is not set)"
394+ if config .token_endpoint_env_var
395+ else ""
396+ )
398397 raise ValueError (f"Token endpoint is required but not provided{ env_var_hint } " )
399398
400399 if not client_id :
401- env_var_hint = f" (environment variable { config .client_id_env_var } is not set)" \
402- if config .client_id_env_var else ""
400+ env_var_hint = (
401+ f" (environment variable { config .client_id_env_var } is not set)" if config .client_id_env_var else ""
402+ )
403403 raise ValueError (f"Client ID is required but not provided{ env_var_hint } " )
404404
405405 if not client_secret :
406- env_var_hint = f" (environment variable { config .client_secret_env_var } is not set)" \
407- if config .client_secret_env_var else ""
406+ env_var_hint = (
407+ f" (environment variable { config .client_secret_env_var } is not set)" if config .client_secret_env_var else ""
408+ )
408409 raise ValueError (f"Client secret is required but not provided{ env_var_hint } " )
409410
410411 if not base_url :
411- env_var_hint = f" (environment variable { config .base_url_env_var } is not set)" \
412- if config .base_url_env_var else ""
412+ env_var_hint = (
413+ f" (environment variable { config .base_url_env_var } is not set)" if config .base_url_env_var else ""
414+ )
413415 raise ValueError (f"Base URL is required but not provided{ env_var_hint } " )
414416
415417 # Production security checks
@@ -430,9 +432,7 @@ def _create_oauth_proxy_provider(config: OAuthProxyConfig) -> "AuthProvider":
430432 ]:
431433 parsed = urlparse (url_value )
432434 if parsed .scheme == "http" :
433- raise ValueError (
434- f"OAuth proxy { url_name } must use HTTPS in production environment: '{ url_value } '"
435- )
435+ raise ValueError (f"OAuth proxy { url_name } must use HTTPS in production environment: '{ url_value } '" )
436436
437437 # Check for localhost in production
438438 parsed_base = urlparse (base_url )
0 commit comments