mayor mayor, everything didnt fail

affe4ever · affe4ever · commit a9606eb23c90 · 2025-10-02T23:06:28.000+02:00
diff --git a/project/__init__.py b/project/__init__.py
@@ -9,6 +9,7 @@ def create_app():
     GAMMA_ROOT = 'https://auth.chalmers.it'
     auth_uri = f'{GAMMA_ROOT}/oauth2/authorize'
     token_uri = f'{GAMMA_ROOT}/oauth2/token'
+    jwks_uri = f'{GAMMA_ROOT}/oauth2/jwks'
     user_info_uri = f'{GAMMA_ROOT}/oauth2/userinfo'
     redirect_uri = 'http://127.0.0.1:5000/api/auth/callbacks/gamma'
     client_id = os.getenv('GAMMA_CLIENT_ID', '')
@@ -22,7 +23,7 @@ def create_app():
     # Initialize OAuth with the Flask app
     oauth = OAuth(app)
 
-    # Register Gamma OAuth client for OAuth2 (disable OpenID Connect)
+    # Register Gamma OAuth client with proper JWKS URI
     oauth.register(
         name='gamma',
         client_id=client_id,
@@ -31,8 +32,11 @@ def create_app():
         authorize_url=auth_uri,
         api_base_url=GAMMA_ROOT,
         client_kwargs={
-            'scope': 'openid profile email',  # Keep working scopes
+            'scope': 'openid email profile',  # Required scopes for Gamma
         },
+        # Provide JWKS URI for JWT validation
+        jwks_uri=jwks_uri,
+        server_metadata_url=None,  # Disable auto-discovery
     )
 
     # blueprint for auth routes in our app
diff --git a/project/auth.py b/project/auth.py
@@ -36,22 +36,22 @@ def callback():
     # Get the access token from the callback
     token = gamma.authorize_access_token()
     
-    # Get user info using a simple GET request with the full URL
-    user_info_response = gamma.get('/oauth2/userinfo', token=token)
-    user_info = user_info_response.json()
+    # Try to get user info
+    try:
+        user_info_response = gamma.get('/oauth2/userinfo', token=token)
+        user_info = user_info_response.json()
+    except Exception as e:
+        print(f"UserInfo API Exception: {e}")
+        # Fallback to basic info from token
+        user_info = {
+            'message': 'UserInfo unavailable',
+            'scopes': token.get('scope', 'N/A')
+        }
     
     # Store user info in session
     session['user'] = user_info
     session['token'] = token
     
-    # Debug output to see what we're getting
-    print("=== TOKEN INFO ===")
-    print(f"Token type: {token.get('token_type', 'N/A')}")
-    print(f"Access token: {token.get('access_token', 'N/A')[:50]}...")
-    print(f"Scope: {token.get('scope', 'N/A')}")
-    print("\n=== USER INFO ===")
-    print(user_info)
-    
     return redirect(url_for('main.index'))
 
 
