trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Cleanup templates, handle OAuth Provider without application better

This commit is contained in:
Jens Langhammer 2019-02-26 09:09:19 +01:00
parent 983462f80d
commit 750117b0fd
4 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
passbook/core/templates/login/denied.html
View File

@ -18,7 +18,6 @@
<header class="login-pf-header"> <header class="login-pf-header">
<h1>{% trans title %}</h1> <h1>{% trans title %}</h1>
</header> </header>
{% include 'partials/messages.html' %}
<form method="POST"> <form method="POST">
{% csrf_token %} {% csrf_token %}
{% include 'partials/form_login.html' %} {% include 'partials/form_login.html' %}

1
passbook/oauth_provider/templates/oauth2_provider/authorize.html
View File

@ -11,7 +11,6 @@
<header class="login-pf-header"> <header class="login-pf-header">
<h1>{% trans 'Authorize Application' %}</h1> <h1>{% trans 'Authorize Application' %}</h1>
</header> </header>
{% include 'partials/messages.html' %}
<form method="POST"> <form method="POST">
{% csrf_token %} {% csrf_token %}
{% if not error %} {% if not error %}

8
passbook/oauth_provider/views/oauth2.py
View File

@ -7,6 +7,7 @@ from django.utils.translation import ugettext as _
from oauth2_provider.views.base import AuthorizationView from oauth2_provider.views.base import AuthorizationView
from passbook.audit.models import AuditEntry from passbook.audit.models import AuditEntry
from passbook.core.models import Application
from passbook.core.views.access import AccessMixin from passbook.core.views.access import AccessMixin
from passbook.core.views.utils import LoadingView, PermissionDeniedView from passbook.core.views.utils import LoadingView, PermissionDeniedView
from passbook.oauth_provider.models import OAuth2Provider from passbook.oauth_provider.models import OAuth2Provider
@ -38,14 +39,17 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
# Get client_id to get provider, so we can update skip_authorization field # Get client_id to get provider, so we can update skip_authorization field
client_id = request.GET.get('client_id') client_id = request.GET.get('client_id')
provider = get_object_or_404(OAuth2Provider, client_id=client_id) provider = get_object_or_404(OAuth2Provider, client_id=client_id)
application = self.provider_to_application(provider) try:
application = self.provider_to_application(provider)
except Application.DoesNotExist:
return redirect('passbook_oauth_provider:oauth2-permission-denied')
# Update field here so oauth-toolkit does work for us # Update field here so oauth-toolkit does work for us
provider.skip_authorization = application.skip_authorization provider.skip_authorization = application.skip_authorization
provider.save() provider.save()
self._application = application self._application = application
# Check permissions # Check permissions
if not self.user_has_access(self._application, request.user): if not self.user_has_access(self._application, request.user):
return redirect(reverse('passbook_oauth_provider:oauth2-permission-denied')) return redirect('passbook_oauth_provider:oauth2-permission-denied')
actual_response = super().dispatch(request, *args, **kwargs) actual_response = super().dispatch(request, *args, **kwargs)
if actual_response.status_code == 400: if actual_response.status_code == 400:
LOGGER.debug(request.GET.get('redirect_uri')) LOGGER.debug(request.GET.get('redirect_uri'))

1
passbook/saml_idp/templates/saml/idp/login.html
View File

@ -11,7 +11,6 @@
<header class="login-pf-header"> <header class="login-pf-header">
<h1>{% trans 'Authorize Application' %}</h1> <h1>{% trans 'Authorize Application' %}</h1>
</header> </header>
{% include 'partials/messages.html' %}
<form method="POST" action="{{ acs_url }}">> <form method="POST" action="{{ acs_url }}">>
{% csrf_token %} {% csrf_token %}
<input type="hidden" name="ACSUrl" value="{{ acs_url }}"> <input type="hidden" name="ACSUrl" value="{{ acs_url }}">