Add a security scanner api config object for params
Change SecScanAPI to use a uri creation func instead of test context Pass config provider through validator context Remove app config dependency for validators
This commit is contained in:
Sam Chow
parent
554d4f47a8
commit
7df8ed4a60
47 changed files with 305 additions and 166 deletions
|
|
@ -41,7 +41,8 @@ class GoogleOAuthService(OAuthLoginService):
|
|||
def requires_form_encoding(self):
|
||||
return True
|
||||
|
||||
def validate_client_id_and_secret(self, http_client, app_config):
|
||||
# TODO(sam): this signature does not match its parent class. refactor the base method to take the namedtuple URLSchemeAndHostname
|
||||
def validate_client_id_and_secret(self, http_client):
|
||||
# To verify the Google client ID and secret, we hit the
|
||||
# https://www.googleapis.com/oauth2/v3/token endpoint with an invalid request. If the client
|
||||
# ID or secret are invalid, we get returned a 403 Unauthorized. Otherwise, we get returned
|
||||
|
|
|
|||
Reference in a new issue