oauth-backend/addon/GoogleLoginHint.py

import lib.target as target
from lib.report import save_report
import os
from urllib.parse import urlparse, parse_qs, urlencode, urlunparse
from dotenv import load_dotenv

# .env 파일 로드
load_dotenv(override=True)

class GoogleLoginHint:
    def __init__(self):
        self.google_id = os.getenv('GOOGLE_ID', '')
        if not self.google_id:
            print("⚠️  Warning: GOOGLE_ID not found in .env file")
    
    async def request(self, flow):
        """Google OAuth 요청을 가로채서 login_hint를 추가하거나 수정"""
        req = flow.request
        method = req.method
        url = req.pretty_url
        
        # Google OAuth 인증 URL인지 확인
        if self._is_google_oauth_url(url):
            print(f"🔍 Google OAuth URL detected: {url}")
            
            # URL 파싱
            parsed_url = urlparse(url)
            query_params = parse_qs(parsed_url.query)
            
            # login_hint 추가 또는 수정
            if self.google_id:
                query_params['login_hint'] = [self.google_id]
                print(f"✅ Added/Updated login_hint: {self.google_id}")
                
                # 새로운 쿼리 스트링 생성
                new_query = urlencode(query_params, doseq=True)
                
                # 새로운 URL 생성
                new_url = urlunparse((
                    parsed_url.scheme,
                    parsed_url.netloc,
                    parsed_url.path,
                    parsed_url.params,
                    new_query,
                    parsed_url.fragment
                ))
                
                # 요청 URL 수정
                flow.request.pretty_url = new_url
                print(f"🔄 Modified URL: {new_url}")
                
    
    def _is_google_oauth_url(self, url):
        """Google OAuth URL인지 확인"""
        google_oauth_domains = [
            'accounts.google.com',
            'oauth2.googleapis.com'
        ]
        
        parsed_url = urlparse(url)
        domain = parsed_url.netloc.lower()
        
        # Google OAuth 도메인 확인
        for google_domain in google_oauth_domains:
            if google_domain in domain:
                # OAuth 관련 경로 확인
                path = parsed_url.path.lower()
                if any(oauth_path in path for oauth_path in ['/oauth2', '/auth', '/login']):
                    return True
        
        return False