Fix #2 and #5, bump version to 0.1.1

nwunderly · nwunderly · commit bfbdf314fa3d · 2021-05-11T17:03:32.000-04:00
Fix for #2 - PyPI installation should properly install the lib's dependencies now To address #5 - Optional 'state' and 'prompt' kwargs have been added to DiscordOAuthClient.redirect() Some small housekeeping with example and test scripts. Set discord.py dependency to <=1.7,<2 to prepare for discord.py 2.0 release possibly in the near future. Bumped version to 0.1.1! 🎉
diff --git a/examples/session_handling_fastapi.py b/examples/session_handling_fastapi.py
@@ -7,9 +7,10 @@
 
 import secrets
 import uvicorn
-from fastapi import FastAPI, HTTPException
+from fastapi import FastAPI
 from starlette.requests import Request
 from starlette.responses import RedirectResponse
+from starlette.exceptions import HTTPException
 from starlette.middleware.sessions import SessionMiddleware
 from starlette_discord.client import DiscordOAuthClient
 
diff --git a/requirements.txt b/requirements.txt
@@ -1,3 +1,3 @@
-discord.py
+discord.py>=1.7,<2
 oauthlib
 starlette>=0.13.6
diff --git a/setup.py b/setup.py
@@ -10,6 +10,10 @@
     version = re.search(r'^__version__\s*=\s*[\'"]([^\'"]*)[\'"]', fp.read(), re.MULTILINE).group(1)
 
 
+with open('requirements.txt') as f:
+    requirements = f.read().splitlines()
+
+
 setuptools.setup(
     name='starlette-discord',
     author='nwunderly',
@@ -21,14 +25,15 @@
     description='"Login with Discord" support for Starlette and FastAPI.',
     long_description=long_description,
     long_description_content_type='text/markdown',
+    install_requires=requirements,
     extras_require={
         'docs': [
             'sphinx',
             'sphinxcontrib_trio',
         ],
     },
-    packages=setuptools.find_packages(),
     python_requires='>=3.8',
+    packages=setuptools.find_packages(),
     classifiers=[
         'Development Status :: 2 - Pre-Alpha',
         'License :: OSI Approved :: MIT License',
@@ -42,3 +47,4 @@
         'Topic :: Utilities',
     ],
 )
+
diff --git a/starlette_discord/__init__.py b/starlette_discord/__init__.py
@@ -11,6 +11,6 @@
 __author__ = 'nwunderly'
 __license__ = 'MIT'
 __copyright__ = 'Copyright 2021 nwunderly'
-__version__ = '0.1.0'
+__version__ = '0.1.1'
 
 from .client import DiscordOAuthClient, DiscordOAuthSession
diff --git a/starlette_discord/client.py b/starlette_discord/client.py
@@ -11,8 +11,14 @@ class DiscordOAuthSession(OAuth2Session):
 
     Parameters
     ----------
-    code:
+    code: :class:`str`
         Authorization code included with user request after redirect from Discord.
+    client_id: :class:`int`
+        Your Discord application client ID.
+    scope: :class:`str`
+        Discord authorization scopes separated by %20.
+    redirect_uri: :class:`str`
+        Your Discord application redirect URI.
     """
     def __init__(self, code, client_id, client_secret, scope, redirect_uri):
         self._discord_auth_code = code
@@ -134,22 +140,39 @@ class DiscordOAuthClient:
         Discord application client secret.
     redirect_uri:
         Discord application redirect URI.
+    scopes: :class:`tuple[str]`
+        Discord authorization scopes.
     """
     def __init__(self, client_id, client_secret, redirect_uri, scopes=('identify',)):
         self.client_id = client_id
         self.client_secret = client_secret
         self.redirect_uri = redirect_uri
-        self.scopes = ' '.join(scope for scope in scopes)
+        self.scope = ' '.join(scope for scope in scopes)
 
-    def redirect(self):
-        """Returns a RedirectResponse that directs to Discord login."""
+    def redirect(self, state=None, prompt=None):
+        """Returns a RedirectResponse that directs to Discord login.
+
+        Parameters
+        ----------
+        state: :class:`Optional[str]`
+            Optional state parameter for Discord redirect URL.
+            Docs can be found `here <https://discord.com/developers/docs/topics/oauth2#state-and-security>`_.
+
+        prompt: :class:`Optional[str]`
+            Optional prompt parameter for Discord redirect URL.
+            If ``consent``, user is prompted to re-approve authorization. If ``none``, skips authorization if user has already authorized.
+            Defaults to ``consent``.
+        """
         client_id = f'client_id={self.client_id}'
         redirect_uri = f'redirect_uri={self.redirect_uri}'
-        scopes = f'scope={self.scopes}'
+        scopes = f'scope={self.scope}'
         response_type = 'response_type=code'
-        return RedirectResponse(
-            DISCORD_URL + f'/api/oauth2/authorize?{client_id}&{redirect_uri}&{scopes}&{response_type}'
-        )
+        url = DISCORD_URL + f'/api/oauth2/authorize?{client_id}&{redirect_uri}&{scopes}&{response_type}'
+        if state:
+            url += f'&state={state}'
+        if prompt:
+            url += f'&prompt={prompt}'
+        return RedirectResponse(url)
 
     def session(self, code) -> DiscordOAuthSession:
         """Create a new DiscordOAuthSession with this client's information.
@@ -168,7 +191,7 @@ def session(self, code) -> DiscordOAuthSession:
             code=code,
             client_id=self.client_id,
             client_secret=self.client_secret,
-            scope=self.scopes,
+            scope=self.scope,
             redirect_uri=self.redirect_uri,
         )
 
diff --git a/starlette_discord/oauth.py b/starlette_discord/oauth.py
@@ -1,7 +1,8 @@
 ########################################################################################################
 # This file was originally found at: https://gist.github.com/kellerza/5ca798f49983bb702bc6e7a05ba53def #
+# Thanks, kellerza! <3                                                                                 #
 #                                                                                                      #
-# Thanks, kellerza                                                                                     #
+# - nwunder                                                                                            #
 ########################################################################################################
 
 """OAuth2Support for aiohttp.ClientSession.
diff --git a/tests/test_fastapi.py b/tests/test_fastapi.py
diff --git a/tests/test_starlette.py b/tests/test_starlette.py
diff --git a/tests/test_state_fastapi.py b/tests/test_state_fastapi.py
@@ -0,0 +1,36 @@
+import secrets
+import uvicorn
+from fastapi import FastAPI
+from starlette.requests import Request
+from starlette.exceptions import HTTPException
+from starlette.middleware.sessions import SessionMiddleware
+
+from starlette_discord.client import DiscordOAuthClient
+from auth import CLIENT_ID, CLIENT_SECRET, REDIRECT_URI
+
+
+app = FastAPI()
+client = DiscordOAuthClient(CLIENT_ID, CLIENT_SECRET, REDIRECT_URI, scopes=('identify', 'guilds', 'email', 'connections'))
+
+
+@app.get('/login')
+async def login_with_discord(request: Request):
+    state = secrets.token_urlsafe(32)
+    request.session['state'] = state
+    return client.redirect(state=state, prompt='none')
+
+
+@app.get('/callback')
+async def callback(request: Request, code: str, state: str):
+    # raise 401-Unauthorized if state doesn't match
+    if not state == request.session.get('state'):
+        raise HTTPException(401)
+
+    async with client.session(code) as session:
+        u = await session.identify()
+
+    return {'user': u}
+
+
+app.add_middleware(SessionMiddleware, secret_key=secrets.token_urlsafe(64))
+uvicorn.run(app, host='0.0.0.0', port=9000)
