From 41eea96e63b9fdc9da9895093a0ae65013cf06d2 Mon Sep 17 00:00:00 2001
From: Vincent Ambo <tazjin@google.com>
Date: Mon, 23 Dec 2019 13:26:30 +0100
Subject: feat(third_party/lieer): Overwrite included client secret

---
 third_party/default.nix            |  1 +
 third_party/lieer/api_client.patch | 20 ++++++++++++++++++++
 third_party/lieer/default.nix      | 15 ++++++++++++++-
 3 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 third_party/lieer/api_client.patch

(limited to 'third_party')

diff --git a/third_party/default.nix b/third_party/default.nix
index 87c79ee8a9..e5394752f3 100644
--- a/third_party/default.nix
+++ b/third_party/default.nix
@@ -40,6 +40,7 @@ let
       fira
       fira-code
       fira-mono
+      gettext
       git
       glibc
       gnutar
diff --git a/third_party/lieer/api_client.patch b/third_party/lieer/api_client.patch
new file mode 100644
index 0000000000..595af087f1
--- /dev/null
+++ b/third_party/lieer/api_client.patch
@@ -0,0 +1,20 @@
+diff --git a/lieer/remote.py b/lieer/remote.py
+index 6e3973a..62728f7 100644
+--- a/lieer/remote.py
++++ b/lieer/remote.py
+@@ -25,12 +25,12 @@ class Remote:
+   # * https://stackoverflow.com/questions/19615372/client-secret-in-oauth-2-0?rq=1
+   #
+   OAUTH2_CLIENT_SECRET = {
+-        "client_id":"753933720722-ju82fu305lii0v9rdo6mf9hj40l5juv0.apps.googleusercontent.com",
+-        "project_id":"capable-pixel-160614",
++        "client_id":"945192553054-84bml3hfvv0floml1natqc4cribs0tmt.apps.googleusercontent.com",
++        "project_id":"tazjins-lieer-project",
+         "auth_uri":"https://accounts.google.com/o/oauth2/auth",
+         "token_uri":"https://accounts.google.com/o/oauth2/token",
+         "auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
+-        "client_secret":"8oudEG0Tvb7YI2V0ykp2Pzz9",
++        "client_secret":"${CLIENT_SECRET}",
+         "redirect_uris":["urn:ietf:wg:oauth:2.0:oob", "http://localhost"]
+     }
+ 
diff --git a/third_party/lieer/default.nix b/third_party/lieer/default.nix
index 80bd063501..810a3df1a5 100644
--- a/third_party/lieer/default.nix
+++ b/third_party/lieer/default.nix
@@ -7,7 +7,18 @@
 
 with pkgs.third_party;
 
-python3Packages.buildPythonApplication rec {
+let
+  # My employer does not allow third-party projects to use our email
+  # accounts, but I want to use lieer for it anyways.
+  #
+  # To accomplish this the following derivation creates a patch that
+  # replaces the API client with one that I control.
+  authPatch = runCommand "client_secret.patch" {} ''
+    export PATH=${lib.makeBinPath [ gettext ]}:$PATH
+    export CLIENT_SECRET='${builtins.getEnv "LIEER_CLIENT_SECRET"}'
+    cat ${./api_client.patch} | envsubst > $out
+  '';
+in python3Packages.buildPythonApplication rec {
   name = "lieer-${version}";
   version = "1.0";
 
@@ -18,6 +29,8 @@ python3Packages.buildPythonApplication rec {
     sha256 = "1zzylv8xbcrh34bz0s29dawzcyx39lai8y8wk0bl4x75v1jfynvf";
   };
 
+  patches = [ authPatch ];
+
   propagatedBuildInputs = with python3Packages; [
     notmuch
     oauth2client
-- 
cgit 1.4.1