hyperpocket 0.3.4__py3-none-any.whl → 0.3.5__py3-none-any.whl

hyperpocket/auth/zoom/oauth2_handler.py

@@ -0,0 +1,153 @@
+from typing import Optional
+from urllib.parse import urljoin, urlencode
+
+import httpx
+
+from hyperpocket.auth import AuthProvider
+from hyperpocket.auth.context import AuthContext
+from hyperpocket.auth.handler import AuthHandlerInterface
+from hyperpocket.auth.zoom.oauth2_context import ZoomOAuth2AuthContext
+from hyperpocket.auth.zoom.oauth2_schema import ZoomOAuth2Response, ZoomOAuth2Request
+from hyperpocket.config import config
+from hyperpocket.futures import FutureStore
+
+
+class ZoomOAuth2AuthHandler(AuthHandlerInterface):
+    # Currently only support public app type. Device authorization for private app is not supported.
+    _ZOOM_OAUTH_URL: str = (
+        "https://zoom.us/oauth/authorize"  # e.g. "https://slack.com/oauth/v2/authorize"
+    )
+    _ZOOM_TOKEN_URL: str = (
+        "https://zoom.us/oauth/token"  # e.g. "https://slack.com/api/oauth.v2.access"
+    )
+
+    name: str = "zoom-oauth2"
+    description: str = "This handler is used to authenticate users using the Zoom OAuth2 authentication method."
+    scoped: bool = True
+
+    @staticmethod
+    def provider() -> AuthProvider:
+        return AuthProvider.ZOOM
+
+    @staticmethod
+    def provider_default() -> bool:
+        return True
+
+    @staticmethod
+    def recommended_scopes() -> set[str]:
+        """
+        This method returns a set of recommended scopes for the service.
+        If the service has a recommended scope, it should be returned here.
+        Example:
+        return {
+            "channels:history",
+            "channels:read",
+            "chat:write",
+            "groups:history",
+            "groups:read",
+            "im:history",
+            "mpim:history",
+            "reactions:read",
+            "reactions:write",
+        }
+        """
+        return set()
+
+    def prepare(
+        self,
+        auth_req: ZoomOAuth2Request,
+        thread_id: str,
+        profile: str,
+        future_uid: str,
+        *args,
+        **kwargs,
+    ) -> str:
+        redirect_uri = urljoin(
+            config().public_base_url + "/",
+            f"{config().callback_url_rewrite_prefix}/auth/zoom/oauth2/callback",
+        )
+        auth_url = self._make_auth_url(
+            req=auth_req, redirect_uri=redirect_uri, state=future_uid
+        )
+
+        FutureStore.create_future(
+            future_uid,
+            data={
+                "redirect_uri": redirect_uri,
+                "thread_id": thread_id,
+                "profile": profile,
+            },
+        )
+
+        return f"User needs to authenticate using the following URL: {auth_url}"
+
+    async def authenticate(
+        self, auth_req: ZoomOAuth2Request, future_uid: str, *args, **kwargs
+    ) -> AuthContext:
+        future_data = FutureStore.get_future(future_uid)
+        auth_code = await future_data.future
+
+        async with httpx.AsyncClient() as client:
+            resp = await client.post(
+                url=self._ZOOM_TOKEN_URL,
+                data={
+                    "client_id": auth_req.client_id,
+                    "client_secret": auth_req.client_secret,
+                    "code": auth_code,
+                    "redirect_uri": future_data.data["redirect_uri"],
+                },
+            )
+        resp.raise_for_status()
+        resp_json = resp.json()
+        resp_typed = ZoomOAuth2Response(**resp_json)
+        return ZoomOAuth2AuthContext.from_zoom_oauth2_response(resp_typed)
+
+    async def refresh(
+        self, auth_req: ZoomOAuth2Request, context: AuthContext, *args, **kwargs
+    ) -> AuthContext:
+        zoom_context: ZoomOAuth2AuthContext = context
+        refresh_token = zoom_context.refresh_token
+
+        async with httpx.AsyncClient() as client:
+            resp = await client.post(
+                url=self._ZOOM_TOKEN_URL,
+                data={
+                    "grant_type": "refresh_token",
+                    "refresh_token": refresh_token,
+                },
+            )
+
+        resp.raise_for_status()
+        resp_json = resp.json()
+
+        new_resp = ZoomOAuth2Response(
+            **{
+                "access_token": resp_json["access_token"],
+                "refresh_token": resp_json["refresh_token"],
+                "expires_in": resp_json["expires_in"],
+                "token_type": resp_json["token_type"],
+                "scope": resp_json["scope"],
+                "api_url": resp_json["api_url"],
+            }
+        )
+
+        return ZoomOAuth2AuthContext.from_zoom_oauth2_response(new_resp)
+
+    def _make_auth_url(self, req: ZoomOAuth2Request, redirect_uri: str, state: str):
+        params = {
+            "scope": " ".join(req.auth_scopes),
+            "client_id": req.client_id,
+            "redirect_uri": redirect_uri,
+            "state": state,
+        }
+        auth_url = f"{self._ZOOM_OAUTH_URL}?{urlencode(params)}"
+        return auth_url
+
+    def make_request(
+        self, auth_scopes: Optional[list[str]] = None, **kwargs
+    ) -> ZoomOAuth2Request:
+        return ZoomOAuth2Request(
+            auth_scopes=auth_scopes,
+            client_id=config().auth.zoom.client_id,
+            client_secret=config().auth.zoom.client_secret,
+        )

hyperpocket/auth/zoom/oauth2_schema.py

@@ -0,0 +1,19 @@
+from typing import Optional
+
+from pydantic import BaseModel, Field
+
+from hyperpocket.auth.schema import AuthenticateRequest, AuthenticateResponse
+
+
+class ZoomOAuth2Request(AuthenticateRequest):
+    client_id: str
+    client_secret: str
+
+
+class ZoomOAuth2Response(AuthenticateResponse):
+    access_token: str
+    expires_in: int
+    refresh_token: Optional[str] = Field(default=None)
+    token_type: str
+    scope: Optional[str] = None
+    api_url: Optional[str] = None

hyperpocket/cli/__main__.py

@@ -6,7 +6,9 @@ from hyperpocket.cli.sync import sync
 from hyperpocket.cli.eject import eject
 from hyperpocket.cli.auth_token import create_token_auth_template
 from hyperpocket.cli.auth_oauth2 import create_oauth2_auth_template
-from hyperpocket.cli.tool import create_tool_template, build_tool
+from hyperpocket.cli.tool_create import create_tool_template, build_tool
+from hyperpocket.cli.tool_export import export_tool
+
 
 @click.group()
 def cli():
@@ -23,6 +25,7 @@ devtool.add_command(create_token_auth_template)
 devtool.add_command(create_oauth2_auth_template)
 devtool.add_command(create_tool_template)
 devtool.add_command(build_tool)
+devtool.add_command(export_tool)
 
 cli.add_command(pull)
 cli.add_command(sync)

hyperpocket/cli/auth_oauth2.py

@@ -1,90 +1,131 @@
 import os
 import click
 from pathlib import Path
-from hyperpocket.cli.codegen.auth import get_auth_context_template, get_auth_oauth2_context_template, get_auth_oauth2_handler_template, get_auth_oauth2_schema_template, get_server_auth_oauth2_template
+from hyperpocket.cli.codegen.auth import (
+    get_auth_context_template,
+    get_auth_oauth2_context_template,
+    get_auth_oauth2_handler_template,
+    get_auth_oauth2_schema_template,
+    get_server_auth_oauth2_template,
+)
+
 
 @click.command()
-@click.argument('service_name', type=str)
-@click.option('--force', is_flag=True, default=False)
+@click.argument("service_name", type=str)
+@click.option("--force", is_flag=True, default=False)
 def create_oauth2_auth_template(service_name, force):
     ## Validate service_name
-    if not service_name.islower() or not service_name.replace('_', '').isalpha():
-        raise ValueError("service_name must be lowercase and contain only letters and underscores")
-    
-    capitliazed_service_name = service_name.capitalize()
-    if '_' in service_name:
-        capitliazed_service_name = ''.join([word.capitalize() for word in service_name.split('_')])
-    
+    if not service_name.islower() or not service_name.replace("_", "").isalnum():
+        raise ValueError(
+            "service_name must be lowercase and contain only letters, numbers, and underscores"
+        )
+
+    capitalized_service_name = service_name.capitalize()
+    if "_" in service_name:
+        capitalized_service_name = "".join(
+            [word.capitalize() for word in service_name.split("_")]
+        )
+
     ## Get the current working directory
     cwd = Path.cwd()
     parent_path = cwd.parent
-    
+
     generate_server_auth(service_name, parent_path, force)
     generate_hyperpocket_auth_dir(service_name, parent_path, force)
-    generate_auth_context(service_name, capitliazed_service_name, parent_path, force)
-    generate_auth_oauth2_context(service_name, capitliazed_service_name, parent_path, force)
-    generate_auth_oauth2_handler(service_name, capitliazed_service_name, parent_path, force)
-    generate_auth_oauth2_schema(service_name, capitliazed_service_name, parent_path, force)
+    generate_auth_context(service_name, capitalized_service_name, parent_path, force)
+    generate_auth_oauth2_context(
+        service_name, capitalized_service_name, parent_path, force
+    )
+    generate_auth_oauth2_handler(
+        service_name, capitalized_service_name, parent_path, force
+    )
+    generate_auth_oauth2_schema(
+        service_name, capitalized_service_name, parent_path, force
+    )
     ##TODO: Add service to hyperpocket/auth/provider
 
+
 def generate_server_auth(service_name, parent_path, force):
     print(f"Generating server/auth for '{service_name}'.")
-    output_from_parsed_template = get_server_auth_oauth2_template().render(service_name=service_name)
-    output_path = parent_path / f'hyperpocket/hyperpocket/server/auth/{service_name}.py'
+    output_from_parsed_template = get_server_auth_oauth2_template().render(
+        service_name=service_name
+    )
+    output_path = parent_path / f"hyperpocket/hyperpocket/server/auth/{service_name}.py"
     if not output_path.exists() or force:
         with open(output_path, "w") as f:
             f.write(output_from_parsed_template)
 
+
 def generate_hyperpocket_auth_dir(service_name, parent_path, force):
-    if not os.path.exists(parent_path / f'hyperpocket/hyperpocket/auth/{service_name}'):
-        os.makedirs(parent_path / f'hyperpocket/hyperpocket/auth/{service_name}')
-    
-    output_path = parent_path / f'hyperpocket/hyperpocket/auth/{service_name}/__init__.py'
+    if not os.path.exists(parent_path / f"hyperpocket/hyperpocket/auth/{service_name}"):
+        os.makedirs(parent_path / f"hyperpocket/hyperpocket/auth/{service_name}")
+
+    output_path = (
+        parent_path / f"hyperpocket/hyperpocket/auth/{service_name}/__init__.py"
+    )
     if not output_path.exists() or force:
         with open(output_path, "w") as f:
             pass
 
-def generate_auth_context(service_name, capitliazed_service_name, parent_path, force):
+
+def generate_auth_context(service_name, capitalized_service_name, parent_path, force):
     print(f"Generating auth/context for '{service_name}'.")
     output_from_parsed_template = get_auth_context_template().render(
-        capitalized_service_name=capitliazed_service_name, 
-        upper_service_name=service_name.upper()
+        capitalized_service_name=capitalized_service_name,
+        upper_service_name=service_name.upper(),
+    )
+    output_path = (
+        parent_path / f"hyperpocket/hyperpocket/auth/{service_name}/context.py"
     )
-    output_path = parent_path / f'hyperpocket/hyperpocket/auth/{service_name}/context.py'
     if not output_path.exists() or force:
         with open(output_path, "w") as f:
             f.write(output_from_parsed_template)
 
-def generate_auth_oauth2_context(service_name, capitliazed_service_name, parent_path, force):
+
+def generate_auth_oauth2_context(
+    service_name, capitalized_service_name, parent_path, force
+):
     print(f"Generating auth/oauth2 context for '{service_name}'.")
     output_from_parsed_template = get_auth_oauth2_context_template().render(
-        service_name = service_name,
-        capitalized_service_name=capitliazed_service_name, 
+        service_name=service_name,
+        capitalized_service_name=capitalized_service_name,
+    )
+    output_path = (
+        parent_path / f"hyperpocket/hyperpocket/auth/{service_name}/oauth2_context.py"
     )
-    output_path = parent_path / f'hyperpocket/hyperpocket/auth/{service_name}/oauth2_context.py'
     if not output_path.exists() or force:
         with open(output_path, "w") as f:
             f.write(output_from_parsed_template)
 
-def generate_auth_oauth2_handler(service_name, capitliazed_service_name, parent_path, force):
+
+def generate_auth_oauth2_handler(
+    service_name, capitalized_service_name, parent_path, force
+):
     print(f"Generating auth/oauth2 handler for '{service_name}'.")
     output_from_parsed_template = get_auth_oauth2_handler_template().render(
-        service_name = service_name,
-        auth_handler_name = service_name.replace('_','-'),
-        capitalized_service_name=capitliazed_service_name,
-        upper_service_name=service_name.upper()
+        service_name=service_name,
+        auth_handler_name=service_name.replace("_", "-"),
+        capitalized_service_name=capitalized_service_name,
+        upper_service_name=service_name.upper(),
+    )
+    output_path = (
+        parent_path / f"hyperpocket/hyperpocket/auth/{service_name}/oauth2_handler.py"
     )
-    output_path = parent_path / f'hyperpocket/hyperpocket/auth/{service_name}/oauth2_handler.py'
     if not output_path.exists() or force:
         with open(output_path, "w") as f:
             f.write(output_from_parsed_template)
 
-def generate_auth_oauth2_schema(service_name, capitliazed_service_name, parent_path, force):
+
+def generate_auth_oauth2_schema(
+    service_name, capitalized_service_name, parent_path, force
+):
     print(f"Generating auth/oauth2 schema for '{service_name}'.")
     output_from_parsed_template = get_auth_oauth2_schema_template().render(
-        capitalized_service_name=capitliazed_service_name,
+        capitalized_service_name=capitalized_service_name,
+    )
+    output_path = (
+        parent_path / f"hyperpocket/hyperpocket/auth/{service_name}/oauth2_schema.py"
     )
-    output_path = parent_path / f'hyperpocket/hyperpocket/auth/{service_name}/oauth2_schema.py'
     if not output_path.exists() or force:
         with open(output_path, "w") as f:
             f.write(output_from_parsed_template)

hyperpocket/cli/auth_token.py

@@ -17,14 +17,14 @@ from hyperpocket.cli.codegen.auth import (
 @click.option("--force", is_flag=True, default=False)
 def create_token_auth_template(service_name, force):
     ## Validate service_name
-    if not service_name.islower() or not service_name.replace("_", "").isalpha():
+    if not service_name.islower() or not service_name.replace("_", "").isalnum():
         raise ValueError(
-            "service_name must be lowercase and contain only letters and underscores"
+            "service_name must be lowercase and contain only letters, numbers, and underscores"
         )
 
-    capitliazed_service_name = service_name.capitalize()
+    capitalized_service_name = service_name.capitalize()
     if "_" in service_name:
-        capitliazed_service_name = "".join(
+        capitalized_service_name = "".join(
             [word.capitalize() for word in service_name.split("_")]
         )
 
@@ -34,10 +34,16 @@ def create_token_auth_template(service_name, force):
 
     generate_server_auth(service_name, parent_path, force)
     generate_hyperpocket_auth_dir(service_name, parent_path, force)
-    generate_auth_context(service_name, capitliazed_service_name, parent_path, force)
-    generate_auth_token_context(service_name, capitliazed_service_name, parent_path, force)
-    generate_auth_token_handler(service_name, capitliazed_service_name, parent_path, force)
-    generate_auth_token_schema(service_name, capitliazed_service_name, parent_path, force)
+    generate_auth_context(service_name, capitalized_service_name, parent_path, force)
+    generate_auth_token_context(
+        service_name, capitalized_service_name, parent_path, force
+    )
+    generate_auth_token_handler(
+        service_name, capitalized_service_name, parent_path, force
+    )
+    generate_auth_token_schema(
+        service_name, capitalized_service_name, parent_path, force
+    )
     ##TODO: Add service to hyperpocket/auth/provider
 
 
@@ -64,10 +70,10 @@ def generate_hyperpocket_auth_dir(service_name, parent_path, force):
             pass
 
 
-def generate_auth_context(service_name, capitliazed_service_name, parent_path, force):
+def generate_auth_context(service_name, capitalized_service_name, parent_path, force):
     print(f"Generating auth/context for '{service_name}'.")
     output_from_parsed_template = get_auth_context_template().render(
-        caplitalized_service_name=capitliazed_service_name,
+        capitalized_service_name=capitalized_service_name,
         upper_service_name=service_name.upper(),
     )
     output_path = (
@@ -78,11 +84,13 @@ def generate_auth_context(service_name, capitliazed_service_name, parent_path, f
             f.write(output_from_parsed_template)
 
 
-def generate_auth_token_context(service_name, capitliazed_service_name, parent_path, force):
+def generate_auth_token_context(
+    service_name, capitalized_service_name, parent_path, force
+):
     print(f"Generating auth/token context for '{service_name}'.")
     output_from_parsed_template = get_auth_token_context_template().render(
         service_name=service_name,
-        caplitalized_service_name=capitliazed_service_name,
+        capitalized_service_name=capitalized_service_name,
     )
     output_path = (
         parent_path / f"hyperpocket/hyperpocket/auth/{service_name}/token_context.py"
@@ -92,12 +100,14 @@ def generate_auth_token_context(service_name, capitliazed_service_name, parent_p
             f.write(output_from_parsed_template)
 
 
-def generate_auth_token_handler(service_name, capitliazed_service_name, parent_path, force):
+def generate_auth_token_handler(
+    service_name, capitalized_service_name, parent_path, force
+):
     print(f"Generating auth/token handler for '{service_name}'.")
     output_from_parsed_template = get_auth_token_handler_template().render(
         service_name=service_name,
         auth_handler_name=service_name.replace("_", "-"),
-        caplitalized_service_name=capitliazed_service_name,
+        capitalized_service_name=capitalized_service_name,
         upper_service_name=service_name.upper(),
     )
     output_path = (
@@ -108,10 +118,12 @@ def generate_auth_token_handler(service_name, capitliazed_service_name, parent_p
             f.write(output_from_parsed_template)
 
 
-def generate_auth_token_schema(service_name, capitliazed_service_name, parent_path, force):
+def generate_auth_token_schema(
+    service_name, capitalized_service_name, parent_path, force
+):
     print(f"Generating auth/token schema for '{service_name}'.")
     output_from_parsed_template = get_auth_token_schema_template().render(
-        caplitalized_service_name=capitliazed_service_name,
+        capitalized_service_name=capitalized_service_name,
     )
     output_path = (
         parent_path / f"hyperpocket/hyperpocket/auth/{service_name}/token_schema.py"

hyperpocket/cli/codegen/auth/__init__.py

@@ -5,7 +5,10 @@ from .auth_oauth2_schema_template import get_auth_oauth2_schema_template
 from .auth_token_context_template import get_auth_token_context_template
 from .auth_token_handler_template import get_auth_token_handler_template
 from .auth_token_schema_template import get_auth_token_schema_template
-from .server_auth_template import get_server_auth_token_template, get_server_auth_oauth2_template
+from .server_auth_template import (
+    get_server_auth_token_template,
+    get_server_auth_oauth2_template,
+)
 
 __all__ = [
     "get_auth_context_template",

hyperpocket/cli/codegen/auth/auth_context_template.py

@@ -4,7 +4,7 @@ from jinja2 import Template
 def get_auth_context_template() -> Template:
     return Template("""
 from hyperpocket.auth.context import AuthContext
-class {{ caplitalized_service_name }}AuthContext(AuthContext):
+class {{ capitalized_service_name }}AuthContext(AuthContext):
     _ACCESS_TOKEN_KEY: str = "{{ upper_service_name }}_TOKEN"
     def to_dict(self) -> dict[str, str]:
         return {

hyperpocket/cli/codegen/auth/auth_oauth2_context_template.py

@@ -1,7 +1,8 @@
 from jinja2 import Template
 
+
 def get_auth_oauth2_context_template() -> Template:
-    return Template('''
+    return Template("""\
 from datetime import datetime, timedelta, timezone
 from typing import Optional
 
@@ -16,7 +17,7 @@ class {{ capitalized_service_name }}OAuth2AuthContext({{ capitalized_service_nam
 
     @classmethod
     def from_{{ service_name }}_oauth2_response(cls, response: {{ capitalized_service_name }}OAuth2Response):
-        description = f'{{ capitalized_service_name }} OAuth2 Context logged in as a user {response.authed_user.id}'
+        description = f'{{ capitalized_service_name }} OAuth2 Context logged in'
         now = datetime.now(tz=timezone.utc)
 
         access_token = response.access_token
@@ -24,7 +25,7 @@ class {{ capitalized_service_name }}OAuth2AuthContext({{ capitalized_service_nam
         expires_in = response.expires_in
 
         if expires_in:
-            expires_at = now + timedelta(seconds=response.authed_user.expires_in)
+            expires_at = now + timedelta(seconds=response.expires_in)
         else:
             expires_at = None
 
@@ -35,4 +36,4 @@ class {{ capitalized_service_name }}OAuth2AuthContext({{ capitalized_service_nam
             description=description,
             detail=response,
         )
-''')
+""")

hyperpocket/cli/codegen/auth/auth_oauth2_handler_template.py

@@ -1,7 +1,8 @@
 from jinja2 import Template
 
+
 def get_auth_oauth2_handler_template() -> Template:
-    return Template('''
+    return Template('''\
 from typing import Optional
 from urllib.parse import urljoin, urlencode
 
@@ -12,7 +13,7 @@ from hyperpocket.auth.context import AuthContext
 from hyperpocket.auth.handler import AuthHandlerInterface
 from hyperpocket.auth.{{ service_name }}.oauth2_context import {{ capitalized_service_name }}OAuth2AuthContext
 from hyperpocket.auth.{{ service_name }}.oauth2_schema import {{ capitalized_service_name }}OAuth2Response, {{ capitalized_service_name }}OAuth2Request
-from hyperpocket.config import config as config
+from hyperpocket.config import config
 from hyperpocket.futures import FutureStore
 
 
@@ -55,10 +56,9 @@ class {{ capitalized_service_name }}OAuth2AuthHandler(AuthHandlerInterface):
     def prepare(self, auth_req: {{ capitalized_service_name }}OAuth2Request, thread_id: str, profile: str,
                 future_uid: str, *args, **kwargs) -> str:
         redirect_uri = urljoin(
-            config.public_base_url + "/",
-            f"{config.callback_url_rewrite_prefix}/auth/{{ service_name }}/oauth2/callback",
+            config().public_base_url + "/",
+            f"{config().callback_url_rewrite_prefix}/auth/{{ service_name }}/oauth2/callback",
         )
-        print(f"redirect_uri: {redirect_uri}")
         auth_url = self._make_auth_url(req=auth_req, redirect_uri=redirect_uri, state=future_uid)
 
         FutureStore.create_future(future_uid, data={
@@ -83,65 +83,40 @@ class {{ capitalized_service_name }}OAuth2AuthHandler(AuthHandlerInterface):
                     'redirect_uri': future_data.data["redirect_uri"],
                 }
             )
-        if resp.status_code != 200:
-            raise Exception(f"failed to authenticate. status_code : {resp.status_code}")
-
+        resp.raise_for_status()
         resp_json = resp.json()
-        if resp_json["ok"] is False:
-            raise Exception(f"failed to authenticate. error : {resp_json['error']}")
-
         resp_typed = {{ capitalized_service_name }}OAuth2Response(**resp_json)
         return {{ capitalized_service_name }}OAuth2AuthContext.from_{{ service_name }}_oauth2_response(resp_typed)
 
     async def refresh(self, auth_req: {{ capitalized_service_name }}OAuth2Request, context: AuthContext, *args, **kwargs) -> AuthContext:
         {{ service_name }}_context: {{ capitalized_service_name }}OAuth2AuthContext = context
-        last_oauth2_resp: {{ capitalized_service_name }}OAuth2Response = {{ service_name }}_context.detail
         refresh_token = {{ service_name }}_context.refresh_token
 
         async with httpx.AsyncClient() as client:
             resp = await client.post(
                 url=self._{{ upper_service_name }}_TOKEN_URL,
                 data={
-                    'client_id': config.auth.{{ service_name }}.client_id,
-                    'client_secret': config.auth.{{ service_name }}.client_secret,
+                    'client_id': auth_req.client_id,
+                    'client_secret': auth_req.client_secret,
                     'grant_type': 'refresh_token',
                     'refresh_token': refresh_token,
                 },
             )
 
-        if resp.status_code != 200:
-            raise Exception(f"failed to refresh. status_code : {resp.status_code}")
-
+        resp.raise_for_status()
         resp_json = resp.json()
-        if resp_json["ok"] is False:
-            raise Exception(f"failed to refresh. status_code : {resp.status_code}")
-
-        if last_oauth2_resp.authed_user:
-            new_resp = last_oauth2_resp.model_copy(
-                update={
-                    "authed_user": {{ capitalized_service_name }}OAuth2Response.AuthedUser(**{
-                        **last_oauth2_resp.authed_user.model_dump(),
-                        "access_token": resp_json["access_token"],
-                        "refresh_token": resp_json["refresh_token"],
-                        "expires_in": resp_json["expires_in"],
-                    })
-                }
-            )
-        else:
-            new_resp = last_oauth2_resp.model_copy(
-                update={
-                    **last_oauth2_resp.model_dump(),
-                    "access_token": resp_json["access_token"],
-                    "refresh_token": resp_json["refresh_token"],
-                    "expires_in": resp_json["expires_in"],
-                }
-            )
-
+        
+        new_resp = {{ capitalized_service_name }}OAuth2Response(**{
+            "access_token": resp_json["access_token"],
+            "refresh_token": resp_json["refresh_token"],
+            "expires_in": resp_json["expires_in"],
+        })
+        
         return {{ capitalized_service_name }}OAuth2AuthContext.from_{{ service_name }}_oauth2_response(new_resp)
 
     def _make_auth_url(self, req: {{ capitalized_service_name }}OAuth2Request, redirect_uri: str, state: str):
         params = {
-            "user_scope": ','.join(req.auth_scopes),
+            "scope": ' '.join(req.auth_scopes),
             "client_id": req.client_id,
             "redirect_uri": redirect_uri,
             "state": state,
@@ -152,7 +127,7 @@ class {{ capitalized_service_name }}OAuth2AuthHandler(AuthHandlerInterface):
     def make_request(self, auth_scopes: Optional[list[str]] = None, **kwargs) -> {{ capitalized_service_name }}OAuth2Request:
         return {{ capitalized_service_name }}OAuth2Request(
             auth_scopes=auth_scopes,
-            client_id=config.auth.{{ service_name }}.client_id,
-            client_secret=config.auth.{{ service_name }}.client_secret,
+            client_id=config().auth.{{ service_name }}.client_id,
+            client_secret=config().auth.{{ service_name }}.client_secret,
         )
-''')
+''')

hyperpocket/cli/codegen/auth/auth_oauth2_schema_template.py

@@ -1,10 +1,11 @@
 from jinja2 import Template
 
+
 def get_auth_oauth2_schema_template() -> Template:
-    return Template('''
+    return Template("""\
 from typing import Optional
 
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 from hyperpocket.auth.schema import AuthenticateRequest, AuthenticateResponse
 
@@ -17,4 +18,4 @@ class {{ capitalized_service_name }}OAuth2Response(AuthenticateResponse):
     access_token: str
     expires_in: int
     refresh_token: Optional[str] = Field(default=None)
-''')
+""")