Add ability to one-click generate an authorization access token in the applications panel

2014-11-17 14:54:07 -05:00 · 2014-11-17 14:54:07 -05:00 · 58ca76239b
commit 58ca76239b
parent ccc16fd6f4
8 changed files with 66 additions and 4 deletions
--- a/data/model/oauth.py
+++ b/data/model/oauth.py
@ -9,6 +9,7 @@ from data.database import (OAuthApplication, OAuthAuthorizationCode, OAuthAccess
                           random_string_generator)
 from data.model.legacy import get_user
 from auth import scopes
+from flask import render_template


 logger = logging.getLogger(__name__)
@ -154,6 +155,7 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):


  def get_token_response(self, response_type, client_id, redirect_uri, **params):
+
    # Ensure proper response_type
    if response_type != 'token':
      err = 'unsupported_response_type'
@ -161,7 +163,7 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):

    # Check redirect URI
    is_valid_redirect_uri = self.validate_redirect_uri(client_id, redirect_uri)
-    if not is_valid_redirect_uri:
+    if redirect_uri != 'display' and not is_valid_redirect_uri:
      return self._invalid_redirect_uri_response()

    # Check conditions
@ -196,6 +198,10 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):
    url = utils.build_url(redirect_uri, params)
    url += '#access_token=%s&token_type=%s&expires_in=%s' % (access_token, token_type, expires_in)

+    if redirect_uri == 'display':
+      return self._make_response(
+        render_template("message.html", message="Access Token: " + access_token))
+
    return self._make_response(headers={'Location': url}, status_code=302)