From 9bd23d229c00a2b376fc2b9b4d161d4a1125e1ed Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 8 Jul 2024 07:13:57 +0000
Subject: [PATCH 1/2] chore(deps): bump authlib from 0.15.2 to 1.3.1

Bumps [authlib](https://github.com/lepture/authlib) from 0.15.2 to 1.3.1.
- [Release notes](https://github.com/lepture/authlib/releases)
- [Changelog](https://github.com/lepture/authlib/blob/master/docs/changelog.rst)
- [Commits](https://github.com/lepture/authlib/compare/v0.15.2...v1.3.1)

---
updated-dependencies:
- dependency-name: authlib
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot]
---
 dev-requirements.txt | 2 +-
 requirements.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/dev-requirements.txt b/dev-requirements.txt
index 04abf13f..a06fe620 100644
--- a/dev-requirements.txt
+++ b/dev-requirements.txt
@@ -13,7 +13,7 @@ mysqlclient>=1.4.2
 cached-property>=1.5.1
 st2client==3.3.0
 rule==0.1.1
-Authlib==0.15.2
+Authlib==1.3.1
 httpx==0.*
 fastapi==0.*
 fastapi_pagination==0.9.3
diff --git a/requirements.txt b/requirements.txt
index 0e6cf415..6cce2fe4 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -14,7 +14,7 @@ mysqlclient>=1.4.2
 cached-property>=1.5.1
 st2client==3.3.0
 rule==0.1.1
-Authlib<=1.0.1
+Authlib<=1.3.1
 httpx==0.*
 fastapi==0.*
 fastapi_pagination==0.9.3
From 33866056622e18dc32b411ca55c9a1d7490968a9 Mon Sep 17 00:00:00 2001
From: QSummerY <1272750872@qq.com>
Date: Mon, 8 Jul 2024 18:13:20 +0800
Subject: [PATCH 2/2] fix login KeyError id_token after authlib-1.3.1

---
 helpdesk/views/auth/index.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/helpdesk/views/auth/index.py b/helpdesk/views/auth/index.py
index 0fa1c730..099e8dab 100644
--- a/helpdesk/views/auth/index.py
+++ b/helpdesk/views/auth/index.py
@@ -40,16 +40,16 @@ async def callback(oauth_provider: str, request: Request):
 oauth_client = oauth_clients[oauth_provider]
 token = await oauth_client.authorize_access_token(request)
- id_token = await oauth_client.parse_id_token(request, token)
- logger.debug("auth succeed %s", id_token)
+ userinfo = token['userinfo']
+ logger.debug("auth succeed %s", userinfo)
- username = oauth_username_func(id_token)
- email = id_token['email']
+ username = oauth_username_func(userinfo)
+ email = userinfo['email']
- access = id_token.get('resource_access', {})
+ access = userinfo.get('resource_access', {})
 roles = access.get(oauth_client.client_id, {}).get('roles', [])
- user = User(name=username, email=email, roles=roles, avatar=id_token.get('picture'))
+ user = User(name=username, email=email, roles=roles, avatar=userinfo.get('picture', ''))
 request.session['user'] = user.json()
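Review bot: `userinfo = token['userinfo']` raises KeyError whenever the token response carries no parsed ID-token claims, so the callback trades one unhandled KeyError for another and such a login ends in a server error rather than a clean rejection. As far as I know, Authlib 1.x only fills in `userinfo` when the provider returned an `id_token` and the nonce was found in the session state, so read it with `userinfo = token.get('userinfo')` and fail the login explicitly when it is missing, before `userinfo['email']` and the role lookup run. The line also depends on Authlib 1.x behaviour, yet `requirements.txt` in the first patch only sets an upper bound (`Authlib<=1.3.1`), which still admits older releases; a lower bound, or the same pin as `dev-requirements.txt`, would keep the code and the installed library in step. The body of `callback` starts above this hunk.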