From 371629863908ca5cae9455c050728560987b4dd7 Mon Sep 17 00:00:00 2001
From: "gcp-cherry-pick-bot[bot]"
 <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com>
Date: Mon, 6 Nov 2023 16:36:22 +0100
Subject: [PATCH] sources/oauth: fix patreon (cherry-pick #7454) (#7456)

sources/oauth: fix patreon (#7454)

* web/admin: add note for potentially confusing consumer key/secret



* sources/oauth: fix patreon default scopes



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
---
 authentik/sources/oauth/types/patreon.py       | 3 ++-
 web/src/admin/sources/oauth/OAuthSourceForm.ts | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/authentik/sources/oauth/types/patreon.py b/authentik/sources/oauth/types/patreon.py
index 2b54533ff..d02c3d33d 100644
--- a/authentik/sources/oauth/types/patreon.py
+++ b/authentik/sources/oauth/types/patreon.py
@@ -12,8 +12,9 @@ class PatreonOAuthRedirect(OAuthRedirect):
     """Patreon OAuth2 Redirect"""
 
     def get_additional_parameters(self, source: OAuthSource):  # pragma: no cover
+        # https://docs.patreon.com/#scopes
         return {
-            "scope": ["openid", "email", "profile"],
+            "scope": ["identity", "identity[email]"],
         }
 
 
diff --git a/web/src/admin/sources/oauth/OAuthSourceForm.ts b/web/src/admin/sources/oauth/OAuthSourceForm.ts
index 5109ce0c4..86db82585 100644
--- a/web/src/admin/sources/oauth/OAuthSourceForm.ts
+++ b/web/src/admin/sources/oauth/OAuthSourceForm.ts
@@ -386,6 +386,7 @@ export class OAuthSourceForm extends ModelForm<OAuthSource, string> {
                             class="pf-c-form-control"
                             required
                         />
+                        <p class="pf-c-form__helper-text">${msg("Also known as Client ID.")}</p>
                     </ak-form-element-horizontal>
                     <ak-form-element-horizontal
                         label=${msg("Consumer secret")}
@@ -394,6 +395,7 @@ export class OAuthSourceForm extends ModelForm<OAuthSource, string> {
                         name="consumerSecret"
                     >
                         <textarea class="pf-c-form-control"></textarea>
+                        <p class="pf-c-form__helper-text">${msg("Also known as Client Secret.")}</p>
                     </ak-form-element-horizontal>
                     <ak-form-element-horizontal label=${msg("Scopes")} name="additionalScopes">
                         <input