Fix the OAuth authentication

Signed-off-by: pacoorozco <paco@pacoorozco.info>

Author: pacoorozco

internal/app/oauth.go

@@ -40,10 +40,9 @@ func (app *App) AuthenticateFromToken(ctx context.Context) (*http.Client, error)
 }
 
 type AuthenticationOptions struct {
-	// Hostname of the redirect URL.
-	// You can set this if your provider does not accept localhost.
-	// Default to localhost.
-	RedirectURLHostname string
+	// URL of the redirect URL to use for authentication.
+	// It has the form of "http://localhost:12345".
+	RedirectURL string
 
 	// Hostname and port which the local server binds to.
 	// You can set port number to 0 to allocate a free port.
@@ -62,7 +61,7 @@ func (app *App) AuthenticateFromWeb(ctx context.Context, authOptions Authenticat
 		ClientSecret:           app.Config.APIAppCredentials.ClientSecret,
 		Logf:                   app.Logger.Debugf,
 		LocalServerBindAddress: []string{authOptions.LocalServerBindAddress},
-		RedirectURLHostname:    authOptions.RedirectURLHostname,
+		RedirectURL:            authOptions.RedirectURL,
 	}
 
 	token, err := oauth.GetToken(ctx, cfg)

internal/cli/auth/auth.go

@@ -3,6 +3,7 @@ package auth
 import (
 	"context"
 	"fmt"
+	"net/url"
 
 	"github.com/spf13/cobra"
 
@@ -18,6 +19,7 @@ type AuthCmd struct {
 	Port                int
 	LocalBindAddress    string
 	RedirectURLHostname string
+	RedirectURL         string
 }
 
 func NewCommand(globalFlags *flags.GlobalFlags) *cobra.Command {
@@ -33,7 +35,14 @@ func NewCommand(globalFlags *flags.GlobalFlags) *cobra.Command {
 
 	authCmd.Flags().IntVar(&cmd.Port, "port", 0, "port on which the auth server will listen (default 0)")
 	authCmd.Flags().StringVar(&cmd.LocalBindAddress, "local-bind-address", "127.0.0.1", "local address on which the auth server will listen")
-	authCmd.Flags().StringVar(&cmd.RedirectURLHostname, "redirect-url-hostname", "localhost", "hostname of the redirect URL")
+
+	// Declare the version flag and then you can deprecate it.
+	authCmd.Flags().StringVar(&cmd.RedirectURLHostname, "redirect-url-hostname", "", "hostname of the redirect URL")
+	err := authCmd.Flags().MarkDeprecated("redirect-url-hostname", "use --redirect-url instead")
+	if err != nil {
+		panic(fmt.Sprintf("error marking flag --redirect-url-hostname as deprecated: %v", err))
+	}
+	authCmd.Flags().StringVar(&cmd.RedirectURL, "redirect-url", "", "URL of the redirect URL to use for authentication, (e.g. http://localhost:12345)")
 
 	return authCmd
 }
@@ -48,12 +57,43 @@ func (cmd *AuthCmd) Run(cobraCmd *cobra.Command, args []string) error {
 		_ = cli.Stop()
 	}()
 
+	// TODO: Remove this check in the v6 release.
+	// --redirect-url-hostname is deprecated, so we keep it for backward compatibility.
+	if cmd.RedirectURLHostname != "" && cmd.Port == 0 {
+		return fmt.Errorf("--port is required when using --redirect-url-hostname")
+	}
+	if cmd.RedirectURL != "" && cmd.RedirectURLHostname != "" {
+		return fmt.Errorf("--redirect-url and --redirect-url-hostname cannot be used together")
+	}
+	// End of TODO
+
+	// Validate the redirect URL if it is set.
+	if cmd.RedirectURL != "" {
+		_, err := url.ParseRequestURI(cmd.RedirectURL)
+		if err != nil {
+			return fmt.Errorf("invalid redirect URL '%s'", cmd.RedirectURL)
+		}
+	}
+
+	// If redirect URL is set, we require the port to be specified as well.
+	if cmd.RedirectURL != "" && cmd.Port == 0 {
+		return fmt.Errorf("--port is required when using --redirect-url")
+	}
+
 	// customize authentication options based on the command line parameters
 	authOptions := app.AuthenticationOptions{}
 	authOptions.LocalServerBindAddress = fmt.Sprintf("%s:%d", cmd.LocalBindAddress, cmd.Port)
 
+	// TODO: Remove this check in the v6 release.
+	// If redirect URL hostname is set, we use it to construct the redirect URL.
 	if cmd.RedirectURLHostname != "" {
-		authOptions.RedirectURLHostname = cmd.RedirectURLHostname
+		authOptions.RedirectURL = fmt.Sprintf("http://%s:%d", cmd.RedirectURLHostname, cmd.Port)
+	}
+	// End of TODO
+
+	// If redirect URL is set, we use it to construct the redirect URL.
+	if cmd.RedirectURL != "" {
+		authOptions.RedirectURL = cmd.RedirectURL
 	}
 
 	_, err = cli.AuthenticateFromWeb(ctx, authOptions)

internal/oauth/oauth.go

@@ -42,24 +42,22 @@ var (
 
 // Config represents a config for the OAuth 2.0 flow.
 type Config struct {
-	// OAuth's application ID.
+	// ClientID is the application's ID.
 	ClientID string
-	// OAuth's application secret.
+	// ClientSecret is the application's secret.
 	ClientSecret string
 
 	// Logger function for debug.
 	Logf func(format string, args ...interface{})
 
-	// Candidates of hostname and port which the local server binds to.
+	// LocalServerBindAddress is a list of candidates of hostname and port which the local server binds to.
 	// You can set port number to 0 to allocate a free port.
 	// If multiple addresses are given, it will try the ports in order.
 	// If nil or an empty slice is given, it defaults to "127.0.0.1:0" i.e., a free port.
 	LocalServerBindAddress []string
 
-	// Hostname of the redirect URL.
-	// You can set this if your provider does not accept localhost.
-	// Default to localhost.
-	RedirectURLHostname string
+	// RedirectURL is the URL to redirect users going through the OAuth flow, after the resource owner's URLs.
+	RedirectURL string
 
 	oAuth2Config *oauth2.Config
 }
@@ -108,7 +106,7 @@ func (c *Config) validateAndSetDefaults() error {
 			PhotosLibraryEditAppCreatedDataScope,
 		},
 		Endpoint:    GoogleAuthEndpoint,
-		RedirectURL: c.RedirectURLHostname,
+		RedirectURL: c.RedirectURL,
 	}
 
 	return nil
@@ -123,7 +121,6 @@ func (c *Config) getTokenFromWeb(ctx context.Context) (*oauth2.Token, error) {
 		LocalServerReadyChan:   ready,
 		Logf:                   c.Logf,
 		LocalServerBindAddress: c.LocalServerBindAddress,
-		RedirectURLHostname:    c.RedirectURLHostname,
 	}
 
 	var token *oauth2.Token
@@ -132,7 +129,7 @@ func (c *Config) getTokenFromWeb(ctx context.Context) (*oauth2.Token, error) {
 		select {
 		case url := <-ready:
 			fmt.Printf("\nVisit the URL below in a browser:\n\n%s\n\n", url)
-			fmt.Printf("If you need to open the URL from another machine, you should use the --local-bind-address and --redirect-url-hostname flags.\n\n")
+			fmt.Printf("To connect from another machine, use --local-bind-address, --port and --redirect-url.\n\n")
 			return nil
 		case <-ctx.Done():
 			return fmt.Errorf("context done while waiting for authorization: %w", ctx.Err())