Hide implicit flow and remove implicit client.

2025-08-09 03:22:43 +03:00 · 2019-03-15 11:41:56 -07:00
parent 46c049f353
commit 869f5aedaf
1 changed files with 12 additions and 10 deletions
--- a/command/oauth/cmd.go
+++ b/command/oauth/cmd.go
@@ -40,7 +40,6 @@ import (
 const (
 	defaultClientID          = "1087160488420-8qt7bavg3qesdhs6it824mhnfgcfe8il.apps.googleusercontent.com"
 	defaultClientNotSoSecret = "udTrOT3gzrO7W9fDPgZQLfYJ"
-	implicitClientID         = "1087160488420-iu4at42pp2ejebiaekg05fp0cato2l4s.apps.googleusercontent.com"

 	// The URN for getting verification token offline
 	oobCallbackUrn = "urn:ietf:wg:oauth:2.0:oob"
@@ -130,11 +129,13 @@ func init() {
 			},
 			cli.BoolFlag{
 				Name:   "implicit",
-				Usage: "Uses the implicit flow to authenticate the user. Requires **--insecure** flag.",
+				Usage:  "Uses the implicit flow to authenticate the user. Requires **--insecure** and **--client-id** flags.",
+				Hidden: true,
 			},
 			cli.BoolFlag{
 				Name:   "insecure",
 				Usage:  "Allows the use of insecure flows.",
+				Hidden: true,
 			},
 		},
 		Action: oauthCmd,
@@ -156,14 +157,15 @@ func oauthCmd(c *cli.Context) error {
 	if (opts.Provider != "google" || c.IsSet("authorization-endpoint")) && !c.IsSet("client-id") {
 		return errors.New("flag '--client-id' required with '--provider'")
 	}
-	if opts.Implicit && !c.Bool("insecure") {
-		return errs.RequiredInsecureFlag(c, "implicit")
-	}

 	var clientID, clientSecret string
 	if opts.Implicit {
-		clientID = implicitClientID
-		clientSecret = ""
+		if !c.Bool("insecure") {
+			return errs.RequiredInsecureFlag(c, "implicit")
+		}
+		if !c.IsSet("client-id") {
+			return errs.RequiredWithFlag(c, "implicit", "client-id")
+		}
 	} else {
 		clientID = defaultClientID
 		clientSecret = defaultClientNotSoSecret