refactor: replace homemade 'set_parameter_in_url_query' method by

authlib 'add_params_to_uri'

Author: azmeuk

canaille/app/flask.py

@@ -1,8 +1,6 @@
 import datetime
 import logging
 from functools import wraps
-from urllib.parse import urlsplit
-from urllib.parse import urlunsplit
 
 from flask import abort
 from flask import current_app
@@ -78,15 +76,6 @@ def decorator(*args, **kwargs):
     return wrapper
 
 
-def set_parameter_in_url_query(url, **kwargs):
-    split = list(urlsplit(url))
-    pairs = split[3].split("&")
-    parameters = {pair.split("=")[0]: pair.split("=")[1] for pair in pairs if pair}
-    parameters = {**parameters, **kwargs}
-    split[3] = "&".join(f"{key}={value}" for key, value in parameters.items())
-    return urlunsplit(split)
-
-
 def request_is_boosted() -> bool:
     """Whether the request is boosted with HTMX.
 

canaille/oidc/endpoints/oauth.py

@@ -1,6 +1,7 @@
 import datetime
 import uuid
 
+from authlib.common.urls import add_params_to_uri
 from authlib.integrations.flask_oauth2 import current_token
 from authlib.jose import jwt
 from authlib.jose.errors import JoseError
@@ -21,7 +22,6 @@
 
 from canaille.app import models
 from canaille.app.flask import csrf
-from canaille.app.flask import set_parameter_in_url_query
 from canaille.app.i18n import gettext as _
 from canaille.app.session import current_user
 from canaille.app.session import logout_user
@@ -403,7 +403,7 @@ def end_session():
     ):
         url = data["post_logout_redirect_uri"]
         if "state" in data:
-            url = set_parameter_in_url_query(url, state=data["state"])
+            url = add_params_to_uri(url, dict(state=data["state"]))
         return redirect(url)
 
     flash(_("You have been disconnected"), "success")
@@ -420,7 +420,7 @@ def end_session_submit():
 
     if request.form["answer"] == "logout":
         session["end_session_confirmation"] = True
-        url = set_parameter_in_url_query(url_for("oidc.endpoints.end_session"), **data)
+        url = add_params_to_uri(url_for("oidc.endpoints.end_session"), data)
         return redirect(url)
 
     flash(_("You have not been disconnected"), "info")

demo/client/__init__.py

@@ -1,7 +1,5 @@
-from urllib.parse import urlsplit
-from urllib.parse import urlunsplit
-
 from authlib.common.errors import AuthlibBaseError
+from authlib.common.urls import add_params_to_uri
 from authlib.integrations.flask_client import OAuth
 from authlib.oidc.discovery import get_well_known_url
 from flask import Flask
@@ -66,11 +64,13 @@ def logout():
         end_session_endpoint = oauth.canaille.server_metadata.get(
             "end_session_endpoint"
         )
-        end_session_url = set_parameter_in_url_query(
+        end_session_url = add_params_to_uri(
             end_session_endpoint,
-            client_id=current_app.config["OAUTH_CLIENT_ID"],
-            id_token_hint=session["id_token"],
-            post_logout_redirect_uri=url_for("logout_callback", _external=True),
+            dict(
+                client_id=current_app.config["OAUTH_CLIENT_ID"],
+                id_token_hint=session["id_token"],
+                post_logout_redirect_uri=url_for("logout_callback", _external=True),
+            ),
         )
         return redirect(end_session_url)
 
@@ -106,16 +106,3 @@ def create_app():
     setup_routes(app)
     setup_oauth(app)
     return app
-
-
-def set_parameter_in_url_query(url, **kwargs):
-    split = list(urlsplit(url))
-
-    parameters = "&".join(f"{key}={value}" for key, value in kwargs.items())
-
-    if split[3]:
-        split[3] = f"{split[3]}&{parameters}"
-    else:
-        split[3] = parameters
-
-    return urlunsplit(split)