updated the oauth2 providers to use the existing oauth2 endpoints and…

… removed the email from spotify
zaniar · Nov 13, 2022 · c95e50c · c95e50c
1 parent bac5d76
commit c95e50c
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 9 deletions.
diff --git a/tools/auth/facebook.go b/tools/auth/facebook.go
@@ -2,6 +2,7 @@ package auth
 
 import (
 	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/facebook"
 )
 
 var _ Provider = (*Facebook)(nil)
@@ -18,8 +19,8 @@ type Facebook struct {
 func NewFacebookProvider() *Facebook {
 	return &Facebook{&baseProvider{
 		scopes:     []string{"email"},
-		authUrl:    "https://www.facebook.com/dialog/oauth",
-		tokenUrl:   "https://graph.facebook.com/oauth/access_token",
+		authUrl:    facebook.Endpoint.AuthURL,
+		tokenUrl:   facebook.Endpoint.TokenURL,
 		userApiUrl: "https://graph.facebook.com/me?fields=name,email,picture.type(large)",
 	}}
 }

diff --git a/tools/auth/github.go b/tools/auth/github.go
@@ -6,6 +6,7 @@ import (
 	"strconv"
 
 	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/github"
 )
 
 var _ Provider = (*Github)(nil)
@@ -22,8 +23,8 @@ type Github struct {
 func NewGithubProvider() *Github {
 	return &Github{&baseProvider{
 		scopes:     []string{"read:user", "user:email"},
-		authUrl:    "https://github.com/login/oauth/authorize",
-		tokenUrl:   "https://github.com/login/oauth/access_token",
+		authUrl:    github.Endpoint.AuthURL,
+		tokenUrl:   github.Endpoint.TokenURL,
 		userApiUrl: "https://api.github.com/user",
 	}}
 }

diff --git a/tools/auth/spotify.go b/tools/auth/spotify.go
@@ -18,7 +18,11 @@ type Spotify struct {
 // NewSpotifyProvider creates a new Spotify provider instance with some defaults.
 func NewSpotifyProvider() *Spotify {
 	return &Spotify{&baseProvider{
-		scopes:     []string{"user-read-private", "user-read-email"},
+		scopes: []string{
+			"user-read-private",
+			// currently Spotify doesn't return information whether the email is verified or not
+			// "user-read-email",
+		},
 		authUrl:    spotify.Endpoint.AuthURL,
 		tokenUrl:   spotify.Endpoint.TokenURL,
 		userApiUrl: "https://api.spotify.com/v1/me",
@@ -31,20 +35,22 @@ func (p *Spotify) FetchAuthUser(token *oauth2.Token) (*AuthUser, error) {
 	rawData := struct {
 		Id     string `json:"id"`
 		Name   string `json:"display_name"`
-		Email  string `json:"email"`
 		Images []struct {
 			Url string `json:"url"`
 		} `json:"images"`
+		// don't map the email because per the official docs
+		// the email field is "unverified" and there is no proof
+		// that it actually belongs to the user
+		// Email  string `json:"email"`
 	}{}
 
 	if err := p.FetchRawUserData(token, &rawData); err != nil {
 		return nil, err
 	}
 
 	user := &AuthUser{
-		Id:    rawData.Id,
-		Name:  rawData.Name,
-		Email: rawData.Email,
+		Id:   rawData.Id,
+		Name: rawData.Name,
 	}
 	if len(rawData.Images) > 0 {
 		user.AvatarUrl = rawData.Images[0].Url