From 0e602efbf9c09c46f0f5e26a3296b32e885713e5 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Thu, 17 Nov 2016 16:21:26 -0500 Subject: [PATCH] Fix error displayed for OAuth if an existing token already matches scopes Before this change, the OAuth system would automatically redirect to display the code if the scopes requested were a subset of those already granted by the user. However, the missing process auth resulted in `get_authenticated_user` returning None, which broke the OAuth flow. Fixes #2131 --- endpoints/web.py | 1 + 1 file changed, 1 insertion(+) diff --git a/endpoints/web.py b/endpoints/web.py index 752a77c09..4b7b2b65f 100644 --- a/endpoints/web.py +++ b/endpoints/web.py @@ -518,6 +518,7 @@ def deny_application(): @param_required('client_id') @param_required('redirect_uri') @param_required('scope') +@process_auth_or_cookie def request_authorization_code(): provider = FlaskAuthorizationProvider() response_type = request.args.get('response_type', 'code')