From ee9012fa2418f88429ba51d6c3fa3ea9724b7c60 Mon Sep 17 00:00:00 2001
From: Matt Scott
Date: Sat, 8 Apr 2023 17:14:55 -0400
Subject: [PATCH] Completed OAuth change to make the use of the metadata URL setting exclusive to the authorization and token URL settings. If the former is defined, it will be used in preference to the latter.
---
 powerdnsadmin/services/azure.py | 5 +++--
 powerdnsadmin/services/github.py | 5 +++--
 powerdnsadmin/services/google.py | 5 +++--
 powerdnsadmin/services/oidc.py | 5 +++--
 4 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/powerdnsadmin/services/azure.py b/powerdnsadmin/services/azure.py
index 2976c98..901cc45 100644
--- a/powerdnsadmin/services/azure.py
+++ b/powerdnsadmin/services/azure.py
@@ -20,8 +20,6 @@ def azure_oauth():
 'client_secret': Setting().get('azure_oauth_secret'),
 'api_base_url': Setting().get('azure_oauth_api_url'),
 'request_token_url': None,
- 'access_token_url': Setting().get('azure_oauth_token_url'),
- 'authorize_url': Setting().get('azure_oauth_authorize_url'),
 'client_kwargs': {'scope': Setting().get('azure_oauth_scope')},
 'fetch_token': fetch_azure_token,
 }
@@ -30,6 +28,9 @@ def azure_oauth():
 if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
 authlib_params['server_metadata_url'] = server_metadata_url
+ else:
+ authlib_params['access_token_url'] = Setting().get('azure_oauth_token_url')
+ authlib_params['authorize_url'] = Setting().get('azure_oauth_authorize_url')
 azure = authlib_oauth_client.register(
 'azure',
diff --git a/powerdnsadmin/services/github.py b/powerdnsadmin/services/github.py
index 73671fb..f322e8c 100644
--- a/powerdnsadmin/services/github.py
+++ b/powerdnsadmin/services/github.py
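Review bot: The guard in the second azure.py hunk accepts any non-blank string as `server_metadata_url`, and with the added `else:` branch that URL becomes the only source of the authorize and token endpoints whenever it is set. If the setting holds an `http://` URL, the discovery document is fetched without transport protection (unless the library itself rejects it), so whoever can alter that response decides where users are redirected and where the client secret is posted. Consider requiring HTTPS in the condition, `if isinstance(server_metadata_url, str) and server_metadata_url.strip().lower().startswith('https://'):`, and storing `server_metadata_url.strip()`, since a padded value currently passes the check but is registered unstripped. The same condition appears in the github.py, google.py and oidc.py hunks; azure_oauth() begins and ends outside the hunk, so any validation done when the setting is saved is not visible here.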
@@ -21,8 +21,6 @@ def github_oauth():
 'request_token_params': {'scope': Setting().get('github_oauth_scope')},
 'api_base_url': Setting().get('github_oauth_api_url'),
 'request_token_url': None,
- 'access_token_url': Setting().get('github_oauth_token_url'),
- 'authorize_url': Setting().get('github_oauth_authorize_url'),
 'client_kwargs': {'scope': Setting().get('github_oauth_scope')},
 'fetch_token': fetch_github_token,
 'update_token': update_token
@@ -32,6 +30,9 @@ def github_oauth():
 if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
 authlib_params['server_metadata_url'] = server_metadata_url
+ else:
+ authlib_params['access_token_url'] = Setting().get('github_oauth_token_url')
+ authlib_params['authorize_url'] = Setting().get('github_oauth_authorize_url')
 github = authlib_oauth_client.register(
 'github',
diff --git a/powerdnsadmin/services/google.py b/powerdnsadmin/services/google.py
index 88a0d12..011c120 100644
--- a/powerdnsadmin/services/google.py
+++ b/powerdnsadmin/services/google.py
@@ -20,8 +20,6 @@ def google_oauth():
 'client_secret': Setting().get('google_oauth_client_secret'),
 'api_base_url': Setting().get('google_base_url'),
 'request_token_url': None,
- 'access_token_url': Setting().get('google_token_url'),
- 'authorize_url': Setting().get('google_authorize_url'),
 'client_kwargs': {'scope': Setting().get('google_oauth_scope')},
 'fetch_token': fetch_google_token,
 'update_token': update_token
@@ -31,6 +29,9 @@ def google_oauth():
 if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
 authlib_params['server_metadata_url'] = server_metadata_url
+ else:
+ authlib_params['access_token_url'] = Setting().get('google_token_url')
+ authlib_params['authorize_url'] = Setting().get('google_authorize_url')
 google = authlib_oauth_client.register(
 'google',
diff --git a/powerdnsadmin/services/oidc.py b/powerdnsadmin/services/oidc.py
index 3304b6a..25c73f0 100644
--- a/powerdnsadmin/services/oidc.py
+++ b/powerdnsadmin/services/oidc.py
@@ -20,8 +20,6 @@ def oidc_oauth():
 'client_secret': Setting().get('oidc_oauth_secret'),
 'api_base_url': Setting().get('oidc_oauth_api_url'),
 'request_token_url': None,
- 'access_token_url': Setting().get('oidc_oauth_token_url'),
- 'authorize_url': Setting().get('oidc_oauth_authorize_url'),
 'client_kwargs': {'scope': Setting().get('oidc_oauth_scope')},
 'fetch_token': fetch_oidc_token,
 'update_token': update_token
@@ -31,6 +29,9 @@ def oidc_oauth():
 if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
 authlib_params['server_metadata_url'] = server_metadata_url
+ else:
+ authlib_params['access_token_url'] = Setting().get('oidc_oauth_token_url')
+ authlib_params['authorize_url'] = Setting().get('oidc_oauth_authorize_url')
 oidc = authlib_oauth_client.register(
 'oidc',
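Review bot: The precedence block in the second oidc.py hunk is the fourth identical copy in this commit (azure.py, github.py and google.py carry the same five lines, differing only in setting names), which is a style concern worth fixing because this rule decides which endpoints receive the authorization request and the client secret. A shared helper would keep the rule in one place, so a later change to it cannot be applied to three providers and missed in the fourth. The sketch below uses a constructed helper name, and each `*_oauth()` function would call it after building `authlib_params`; oidc_oauth() continues outside the hunk.

```python
def set_oauth_endpoints(authlib_params, server_metadata_url, token_url, authorize_url):
    """Prefer the metadata URL; fall back to the explicit endpoint URLs."""
    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
        authlib_params['server_metadata_url'] = server_metadata_url
    else:
        authlib_params['access_token_url'] = token_url
        authlib_params['authorize_url'] = authorize_url

# … unchanged: authlib_params dict and server_metadata_url lookup in oidc_oauth() …
set_oauth_endpoints(
    authlib_params,
    server_metadata_url,
    Setting().get('oidc_oauth_token_url'),
    Setting().get('oidc_oauth_authorize_url'),
)
```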