Feat: optimize gmail/google-drive (#13230)

### What problem does this PR solve? Feat: optimize gmail/google-drive Now: <img width="700" alt="image" src="https://github.com/user-attachments/assets/0c4b6044-7209-4c4f-ac0c-32070b79daf7" /> <img width="700" alt="image" src="https://github.com/user-attachments/assets/406f93d8-9b0f-4f5a-b8bb-3936990f558c" /> ### Type of change - [x] New Feature (non-breaking change which adds functionality)
2026-04-30 15:27:48 +08:00 · 2026-02-26 19:19:40 +08:00
parent 22c4d72891
commit c03c537bf8
4 changed files with 176 additions and 18 deletions
--- a/api/apps/connector_app.py
+++ b/api/apps/connector_app.py
@ -193,20 +193,25 @@ async def start_google_web_oauth():
    if source not in ("google-drive", "gmail"):
        return get_json_result(code=RetCode.ARGUMENT_ERROR, message="Invalid Google OAuth type.")

+    req = await get_request_json()
+
    if source == "gmail":
-        redirect_uri = GMAIL_WEB_OAUTH_REDIRECT_URI
+        default_redirect_uri = GMAIL_WEB_OAUTH_REDIRECT_URI
        scopes = GOOGLE_SCOPES[DocumentSource.GMAIL]
    else:
-        redirect_uri = GOOGLE_DRIVE_WEB_OAUTH_REDIRECT_URI
+        default_redirect_uri = GOOGLE_DRIVE_WEB_OAUTH_REDIRECT_URI
        scopes = GOOGLE_SCOPES[DocumentSource.GOOGLE_DRIVE]

+    redirect_uri = req.get("redirect_uri", default_redirect_uri)
+    if isinstance(redirect_uri, str):
+        redirect_uri = redirect_uri.strip()
+
    if not redirect_uri:
        return get_json_result(
            code=RetCode.SERVER_ERROR,
            message="Google OAuth redirect URI is not configured on the server.",
        )

-    req = await get_request_json()
    raw_credentials = req.get("credentials", "")

    try:
@ -246,6 +251,7 @@ async def start_google_web_oauth():
    cache_payload = {
        "user_id": current_user.id,
        "client_config": client_config,
+        "redirect_uri": redirect_uri,
        "created_at": int(time.time()),
    }
    REDIS_CONN.set_obj(_web_state_cache_key(flow_id, source), cache_payload, WEB_FLOW_TTL_SECS)
@ -276,6 +282,7 @@ async def google_gmail_web_oauth_callback():

    state_obj = json.loads(state_cache)
    client_config = state_obj.get("client_config")
+    redirect_uri = state_obj.get("redirect_uri", GMAIL_WEB_OAUTH_REDIRECT_URI)
    if not client_config:
        REDIS_CONN.delete(_web_state_cache_key(state_id, source))
        return await _render_web_oauth_popup(state_id, False, "Authorization session was invalid. Please retry.", source)
@ -291,7 +298,7 @@ async def google_gmail_web_oauth_callback():
    try:
        # TODO(google-oauth): branch scopes/redirect_uri based on source_type (drive vs gmail)
        flow = Flow.from_client_config(client_config, scopes=GOOGLE_SCOPES[DocumentSource.GMAIL])
-        flow.redirect_uri = GMAIL_WEB_OAUTH_REDIRECT_URI
+        flow.redirect_uri = redirect_uri
        flow.fetch_token(code=code)
    except Exception as exc:  # pragma: no cover - defensive
        logging.exception("Failed to exchange Google OAuth code: %s", exc)
@ -326,6 +333,7 @@ async def google_drive_web_oauth_callback():

    state_obj = json.loads(state_cache)
    client_config = state_obj.get("client_config")
+    redirect_uri = state_obj.get("redirect_uri", GOOGLE_DRIVE_WEB_OAUTH_REDIRECT_URI)
    if not client_config:
        REDIS_CONN.delete(_web_state_cache_key(state_id, source))
        return await _render_web_oauth_popup(state_id, False, "Authorization session was invalid. Please retry.", source)
@ -341,7 +349,7 @@ async def google_drive_web_oauth_callback():
    try:
        # TODO(google-oauth): branch scopes/redirect_uri based on source_type (drive vs gmail)
        flow = Flow.from_client_config(client_config, scopes=GOOGLE_SCOPES[DocumentSource.GOOGLE_DRIVE])
-        flow.redirect_uri = GOOGLE_DRIVE_WEB_OAUTH_REDIRECT_URI
+        flow.redirect_uri = redirect_uri
        flow.fetch_token(code=code)
    except Exception as exc:  # pragma: no cover - defensive
        logging.exception("Failed to exchange Google OAuth code: %s", exc)
@ -480,4 +488,4 @@ async def poll_box_web_result():
    
    REDIS_CONN.delete(_web_result_cache_key(flow_id, "box"))

-    return get_json_result(data={"credentials": cache_raw})
+    return get_json_result(data={"credentials": cache_raw})