Merge pull request #2 from Rippling/APPS-26017

removed client_secrets from code

rippling_cli/cli/commands/login.py

@@ -15,18 +15,16 @@ def login(ctx) -> None:
     """
     Log in to the application using OAuth
     """
-    client_id, client_secret = ctx.obj.oauth_credentials
-    if client_id and client_secret:
+    client_id = ctx.obj.oauth_credentials
+    if client_id:
         if ctx.obj.oauth_token:
             click.echo("Already logged in")
         else:
-            client_id, client_secret = OAuthClient.get_client_credentials()
-
             code_verifier, code_challenge = PKCE.generate_pkce_pair(DEFAULT_CODE_VERIFIER_LENGTH)
 
             token = OAuthToken(client_id, code_challenge, CODE_CHALLENGE_METHOD)
             token.start_authorization_flow()
-            access_token = token.exchange_for_token(client_secret, code_verifier)
+            access_token = token.exchange_for_token(code_verifier)
             ctx.obj.oauth_token = access_token
 
             save_oauth_token(access_token, token.expires_in)

rippling_cli/cli/main.py

@@ -7,7 +7,7 @@
 from rippling_cli.core.oauth_token import OAuthToken
 from rippling_cli.core.rippling_context import RipplingContext
 from rippling_cli.cli.commands.login import login
-from rippling_cli.config.config import get_oauth_credentials, get_oauth_token_data
+from rippling_cli.config.config import get_client_id, get_oauth_token_data
 
 
 @click.group(context_settings=dict(help_option_names=["-h", "--help"]))
@@ -33,7 +33,7 @@ def cli(ctx):
     ctx.obj = RipplingContext()
 
     # Load the OAuth credentials from the config.py file
-    ctx.obj.oauth_credentials = get_oauth_credentials()
+    ctx.obj.oauth_credentials = get_client_id()
 
     # Load the OAuth token from the config directory
     oauth_token_dict = get_oauth_token_data()

rippling_cli/config/config.py

@@ -7,13 +7,12 @@
 
 from rippling_cli.constants import OAUTH_TOKEN_FILE_NAME, RIPPLING_DIRECTORY_NAME
 
-CLIENT_ID = os.environ.get("CLIENT_ID", "Kj0JYvGDOpME1ovZ2B4n3af6uINli19QWNO0CHC1")
-CLIENT_SECRET = os.environ.get("CLIENT_SECRET", "4n8ahE8A2Sx4IguTXCSRAGBVo2ObGZ4Ezs70GpthWY0ARSUv7LOCq1AeZ8JFt59EmWt0qj3WL5xbbz5zjHQA1E5BNQK91U0HH1PIYG5gfszNnzOM2sre0gmEOaFZsEvp")
+CLIENT_ID = "OJ3RJIYivW34fb0N0amHBwRYY7ldjM9O00hkQdR4"
 config_dir = Path.home() / f".{RIPPLING_DIRECTORY_NAME}"
 
 
-def get_oauth_credentials():
-    return CLIENT_ID, CLIENT_SECRET
+def get_client_id():
+    return CLIENT_ID
 
 
 def get_oauth_token_data():

rippling_cli/core/oauth_client.py

@@ -1,7 +1,7 @@
-from rippling_cli.config.config import get_oauth_credentials
+from rippling_cli.config.config import get_client_id
 
 
 class OAuthClient:
     @classmethod
     def get_client_credentials(cls):
-        return get_oauth_credentials()
+        return get_client_id()

rippling_cli/core/oauth_token.py

@@ -17,6 +17,9 @@ def __init__(self, *args, **kwargs):
             self.token = kwargs.pop('token')
             super().__init__(*args, **kwargs)
 
+        def log_message(self, format, *args):
+            pass  # Suppress access log messages
+
         def do_GET(self):
             self.send_response(200)
             self.send_header("Content-type", "text/html")
@@ -70,11 +73,10 @@ def stop_server(self):
             self.httpd.server_close()
             self.server_thread.join()
 
-    def exchange_for_token(self, client_secret, code_verifier):
+    def exchange_for_token(self, code_verifier):
         data = {
             "grant_type": "authorization_code",
             "client_id": self.client_id,
-            "client_secret": client_secret,
             "code": self.authorization_code,
             "code_verifier": code_verifier,
             "Content-Type": "application/json"