Cleanup templates, handle OAuth Provider without application better
This commit is contained in:
parent
983462f80d
commit
750117b0fd
|
@ -18,7 +18,6 @@
|
||||||
<header class="login-pf-header">
|
<header class="login-pf-header">
|
||||||
<h1>{% trans title %}</h1>
|
<h1>{% trans title %}</h1>
|
||||||
</header>
|
</header>
|
||||||
{% include 'partials/messages.html' %}
|
|
||||||
<form method="POST">
|
<form method="POST">
|
||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
{% include 'partials/form_login.html' %}
|
{% include 'partials/form_login.html' %}
|
||||||
|
|
|
@ -11,7 +11,6 @@
|
||||||
<header class="login-pf-header">
|
<header class="login-pf-header">
|
||||||
<h1>{% trans 'Authorize Application' %}</h1>
|
<h1>{% trans 'Authorize Application' %}</h1>
|
||||||
</header>
|
</header>
|
||||||
{% include 'partials/messages.html' %}
|
|
||||||
<form method="POST">
|
<form method="POST">
|
||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
{% if not error %}
|
{% if not error %}
|
||||||
|
|
|
@ -7,6 +7,7 @@ from django.utils.translation import ugettext as _
|
||||||
from oauth2_provider.views.base import AuthorizationView
|
from oauth2_provider.views.base import AuthorizationView
|
||||||
|
|
||||||
from passbook.audit.models import AuditEntry
|
from passbook.audit.models import AuditEntry
|
||||||
|
from passbook.core.models import Application
|
||||||
from passbook.core.views.access import AccessMixin
|
from passbook.core.views.access import AccessMixin
|
||||||
from passbook.core.views.utils import LoadingView, PermissionDeniedView
|
from passbook.core.views.utils import LoadingView, PermissionDeniedView
|
||||||
from passbook.oauth_provider.models import OAuth2Provider
|
from passbook.oauth_provider.models import OAuth2Provider
|
||||||
|
@ -38,14 +39,17 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
|
||||||
# Get client_id to get provider, so we can update skip_authorization field
|
# Get client_id to get provider, so we can update skip_authorization field
|
||||||
client_id = request.GET.get('client_id')
|
client_id = request.GET.get('client_id')
|
||||||
provider = get_object_or_404(OAuth2Provider, client_id=client_id)
|
provider = get_object_or_404(OAuth2Provider, client_id=client_id)
|
||||||
application = self.provider_to_application(provider)
|
try:
|
||||||
|
application = self.provider_to_application(provider)
|
||||||
|
except Application.DoesNotExist:
|
||||||
|
return redirect('passbook_oauth_provider:oauth2-permission-denied')
|
||||||
# Update field here so oauth-toolkit does work for us
|
# Update field here so oauth-toolkit does work for us
|
||||||
provider.skip_authorization = application.skip_authorization
|
provider.skip_authorization = application.skip_authorization
|
||||||
provider.save()
|
provider.save()
|
||||||
self._application = application
|
self._application = application
|
||||||
# Check permissions
|
# Check permissions
|
||||||
if not self.user_has_access(self._application, request.user):
|
if not self.user_has_access(self._application, request.user):
|
||||||
return redirect(reverse('passbook_oauth_provider:oauth2-permission-denied'))
|
return redirect('passbook_oauth_provider:oauth2-permission-denied')
|
||||||
actual_response = super().dispatch(request, *args, **kwargs)
|
actual_response = super().dispatch(request, *args, **kwargs)
|
||||||
if actual_response.status_code == 400:
|
if actual_response.status_code == 400:
|
||||||
LOGGER.debug(request.GET.get('redirect_uri'))
|
LOGGER.debug(request.GET.get('redirect_uri'))
|
||||||
|
|
|
@ -11,7 +11,6 @@
|
||||||
<header class="login-pf-header">
|
<header class="login-pf-header">
|
||||||
<h1>{% trans 'Authorize Application' %}</h1>
|
<h1>{% trans 'Authorize Application' %}</h1>
|
||||||
</header>
|
</header>
|
||||||
{% include 'partials/messages.html' %}
|
|
||||||
<form method="POST" action="{{ acs_url }}">>
|
<form method="POST" action="{{ acs_url }}">>
|
||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
<input type="hidden" name="ACSUrl" value="{{ acs_url }}">
|
<input type="hidden" name="ACSUrl" value="{{ acs_url }}">
|
||||||
|
|
Reference in a new issue