Expose oauth constants (#725)

* Unify SCOPE and OAuth constants in abstract base

Move AUTHORIZE_URL, TOKEN_URL, and SCOPE to
PyViCareAbstractOAuthManager as the single source of truth.
Both PyViCareOAuthManager and PyViCareBrowserOAuthManager now
import from there.

* Define individual scope constants per CFenner review

Replace VIESSMANN_SCOPE list with individual constants:
SCOPE_IOT, SCOPE_USER, SCOPE_OFFLINE_ACCESS, SCOPE_INTERNAL.

Each manager builds its own scope list from these constants,
making it explicit which scopes each flow requests.

* Apply suggestions from code review

Co-authored-by: Christopher Fenner <9592452+CFenner@users.noreply.github.com>

* Update PyViCareOAuthManager.py

---------

Co-authored-by: Christopher Fenner <9592452+CFenner@users.noreply.github.com>

Author: lackas

PyViCare/PyViCareAbstractOAuthManager.py

@@ -15,6 +15,13 @@
 logger.addHandler(logging.NullHandler())
 
 API_BASE_URL = 'https://api.viessmann-climatesolutions.com/iot/v2'
+AUTHORIZE_URL = 'https://iam.viessmann-climatesolutions.com/idp/v3/authorize'
+TOKEN_URL = 'https://iam.viessmann-climatesolutions.com/idp/v3/token'
+
+SCOPE_IOT = "IoT"
+SCOPE_USER = "User"
+SCOPE_OFFLINE_ACCESS = "offline_access"
+SCOPE_INTERNAL = "internal"
 
 
 class AbstractViCareOAuthManager:

PyViCare/PyViCareBrowserOAuthManager.py

@@ -7,17 +7,21 @@
 from authlib.common.security import generate_token
 from authlib.integrations.requests_client import OAuth2Session
 
-from PyViCare.PyViCareAbstractOAuthManager import AbstractViCareOAuthManager
+from PyViCare.PyViCareAbstractOAuthManager import (
+    AUTHORIZE_URL,
+    SCOPE_IOT,
+    SCOPE_OFFLINE_ACCESS,
+    SCOPE_USER,
+    TOKEN_URL,
+    AbstractViCareOAuthManager,
+)
 from PyViCare.PyViCareUtils import (PyViCareBrowserOAuthTimeoutReachedError,
                                     PyViCareInvalidCredentialsError)
 
 logger = logging.getLogger('ViCare')
 logger.addHandler(logging.NullHandler())
 
-AUTHORIZE_URL = 'https://iam.viessmann-climatesolutions.com/idp/v3/authorize'
-TOKEN_URL = 'https://iam.viessmann-climatesolutions.com/idp/v3/token'
 REDIRECT_PORT = 51125
-VIESSMANN_SCOPE = ["IoT User", "offline_access"]
 AUTH_TIMEOUT = 60 * 3
 
 
@@ -50,7 +54,7 @@ def __load_or_create_new_session(self):
     def __execute_browser_authentication(self):
         redirect_uri = f"http://localhost:{REDIRECT_PORT}"
         oauth_session = OAuth2Session(
-            self.client_id, redirect_uri=redirect_uri, scope=VIESSMANN_SCOPE, code_challenge_method='S256')
+            self.client_id, redirect_uri=redirect_uri, scope=[SCOPE_IOT, SCOPE_USER, SCOPE_OFFLINE_ACCESS], code_challenge_method='S256')
         code_verifier = generate_token(48)
         authorization_url, _ = oauth_session.create_authorization_url(AUTHORIZE_URL, code_verifier=code_verifier)
 

PyViCare/PyViCareOAuthManager.py

@@ -8,17 +8,20 @@
 from authlib.common.security import generate_token
 from authlib.integrations.requests_client import OAuth2Session
 
-from PyViCare.PyViCareAbstractOAuthManager import AbstractViCareOAuthManager
+from PyViCare.PyViCareAbstractOAuthManager import (
+    AUTHORIZE_URL,
+    SCOPE_IOT,
+    SCOPE_USER,
+    TOKEN_URL,
+    AbstractViCareOAuthManager,
+)
 from PyViCare.PyViCareUtils import (PyViCareInvalidConfigurationError,
                                     PyViCareInvalidCredentialsError)
 
 logger = logging.getLogger('ViCare')
 logger.addHandler(logging.NullHandler())
 
-AUTHORIZE_URL = 'https://iam.viessmann-climatesolutions.com/idp/v3/authorize'
-TOKEN_URL = 'https://iam.viessmann-climatesolutions.com/idp/v3/token'
 REDIRECT_URI = "vicare://oauth-callback/everest"
-VIESSMANN_SCOPE = ["IoT User"]
 
 
 class ViCareOAuthManager(AbstractViCareOAuthManager):
@@ -55,7 +58,7 @@ def __create_new_session(self, username, password, token_file=None):
             oauth sessions object
         """
         oauth_session = OAuth2Session(
-            self.client_id, redirect_uri=REDIRECT_URI, scope=VIESSMANN_SCOPE, code_challenge_method='S256')
+            self.client_id, redirect_uri=REDIRECT_URI, scope=[SCOPE_IOT, SCOPE_USER], code_challenge_method='S256')
         code_verifier = generate_token(48)
         authorization_url, _ = oauth_session.create_authorization_url(AUTHORIZE_URL, code_verifier=code_verifier)
         logger.debug("Auth URL is: %s", authorization_url)