From ab65b19c4c30f25498284aa44e478080d90fe4fd Mon Sep 17 00:00:00 2001
From: Yuhong Sun <yuhongsun96@gmail.com>
Date: Mon, 2 Oct 2023 11:05:08 -0700
Subject: [PATCH] Add OAuth configurability (#499)

---
 backend/danswer/configs/app_configs.py | 10 ++++++++--
 backend/danswer/main.py                | 14 +++++---------
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/backend/danswer/configs/app_configs.py b/backend/danswer/configs/app_configs.py
index 86a38e0bd..a1198f00f 100644
--- a/backend/danswer/configs/app_configs.py
+++ b/backend/danswer/configs/app_configs.py
@@ -58,8 +58,14 @@ VALID_EMAIL_DOMAINS = (
 )
 
 # OAuth Login Flow
-GOOGLE_OAUTH_CLIENT_ID = os.environ.get("GOOGLE_OAUTH_CLIENT_ID") or ""
-GOOGLE_OAUTH_CLIENT_SECRET = os.environ.get("GOOGLE_OAUTH_CLIENT_SECRET") or ""
+# Used for both Google OAuth2 and OIDC flows
+OAUTH_CLIENT_ID = (
+    os.environ.get("OAUTH_CLIENT_ID", os.environ.get("GOOGLE_OAUTH_CLIENT_ID")) or ""
+)
+OAUTH_CLIENT_SECRET = (
+    os.environ.get("OAUTH_CLIENT_SECRET", os.environ.get("GOOGLE_OAUTH_CLIENT_SECRET"))
+    or ""
+)
 
 # The following Basic Auth configs are not supported by the frontend UI
 REQUIRE_EMAIL_VERIFICATION = (
diff --git a/backend/danswer/main.py b/backend/danswer/main.py
index 24d4e99fc..85bf41a76 100644
--- a/backend/danswer/main.py
+++ b/backend/danswer/main.py
@@ -16,10 +16,9 @@ from danswer.chat.personas import load_personas_from_yaml
 from danswer.configs.app_configs import APP_HOST
 from danswer.configs.app_configs import APP_PORT
 from danswer.configs.app_configs import AUTH_TYPE
-from danswer.configs.app_configs import DISABLE_AUTH
 from danswer.configs.app_configs import DISABLE_GENERATIVE_AI
-from danswer.configs.app_configs import GOOGLE_OAUTH_CLIENT_ID
-from danswer.configs.app_configs import GOOGLE_OAUTH_CLIENT_SECRET
+from danswer.configs.app_configs import OAUTH_CLIENT_ID
+from danswer.configs.app_configs import OAUTH_CLIENT_SECRET
 from danswer.configs.app_configs import SECRET
 from danswer.configs.app_configs import WEB_DOMAIN
 from danswer.configs.constants import AuthType
@@ -115,7 +114,7 @@ def get_application() -> FastAPI:
         )
 
     elif AUTH_TYPE == AuthType.GOOGLE_OAUTH:
-        oauth_client = GoogleOAuth2(GOOGLE_OAUTH_CLIENT_ID, GOOGLE_OAUTH_CLIENT_SECRET)
+        oauth_client = GoogleOAuth2(OAUTH_CLIENT_ID, OAUTH_CLIENT_SECRET)
         application.include_router(
             fastapi_users.get_oauth_router(
                 oauth_client,
@@ -163,11 +162,8 @@ def get_application() -> FastAPI:
         # Will throw exception if an issue is found
         verify_auth()
 
-        if DISABLE_AUTH:
-            logger.info("User Authentication is turned off.")
-
-        if GOOGLE_OAUTH_CLIENT_ID and GOOGLE_OAUTH_CLIENT_SECRET:
-            logger.info("Found both OAuth Client ID and secret configured.")
+        if OAUTH_CLIENT_ID and OAUTH_CLIENT_SECRET:
+            logger.info("Both OAuth Client ID and Secret are configured.")
 
         if SKIP_RERANKING:
             logger.info("Reranking step of search flow is disabled")