my-recipes/backend/oauth_utils.py

import os
from authlib.integrations.starlette_client import OAuth
from starlette.config import Config

# Load config
config = Config('.env')

# Initialize OAuth
oauth = OAuth(config)

# Register Google OAuth
oauth.register(
    name='google',
    client_id=os.getenv('GOOGLE_CLIENT_ID'),
    client_secret=os.getenv('GOOGLE_CLIENT_SECRET'),
    server_metadata_url='https://accounts.google.com/.well-known/openid-configuration',
    client_kwargs={
        'scope': 'openid email profile'
    }
)

# Register Microsoft Entra ID (Azure AD) OAuth
# Use 'common' for multi-tenant + personal accounts, or 'consumers' for personal accounts only
tenant_id = os.getenv('AZURE_TENANT_ID', 'common')
oauth.register(
    name='azure',
    client_id=os.getenv('AZURE_CLIENT_ID'),
    client_secret=os.getenv('AZURE_CLIENT_SECRET'),
    server_metadata_url=f'https://login.microsoftonline.com/{tenant_id}/v2.0/.well-known/openid-configuration',
    client_kwargs={
        'scope': 'openid email profile'
    }
)