OAuth scopes are space separated, not comma
This commit is contained in:
parent
c7e464ddf2
commit
804be4d4be
2 changed files with 6 additions and 2 deletions
|
@ -1,5 +1,6 @@
|
|||
from collections import namedtuple
|
||||
import features
|
||||
import re
|
||||
|
||||
Scope = namedtuple('scope', ['scope', 'icon', 'dangerous', 'title', 'description'])
|
||||
|
||||
|
@ -96,7 +97,10 @@ def scopes_from_scope_string(scopes):
|
|||
if not scopes:
|
||||
scopes = ''
|
||||
|
||||
return {ALL_SCOPES.get(scope, None) for scope in scopes.split(',')}
|
||||
# Note: The scopes string should be space seperated according to the spec:
|
||||
# https://tools.ietf.org/html/rfc6749#section-3.3
|
||||
# However, we also support commas for backwards compatibility with existing callers to our code.
|
||||
return {ALL_SCOPES.get(scope, None) for scope in re.split(' |,', scopes)}
|
||||
|
||||
|
||||
def validate_scope_string(scopes):
|
||||
|
|
|
@ -121,7 +121,7 @@
|
|||
</table>
|
||||
|
||||
<a class="btn btn-success"
|
||||
href="{{ Config.getUrl('/oauth/authorize?response_type=token&client_id=' + application.client_id + '&scope=' + getScopes(genScopes).join(',') + '&redirect_uri=' + Config.getUrl(Config['LOCAL_OAUTH_HANDLER'])) }}"
|
||||
href="{{ Config.getUrl('/oauth/authorize?response_type=token&client_id=' + application.client_id + '&scope=' + getScopes(genScopes).join(' ') + '&redirect_uri=' + Config.getUrl(Config['LOCAL_OAUTH_HANDLER'])) }}"
|
||||
ng-disabled="!getScopes(genScopes).length" target="_blank">
|
||||
Generate Access Token
|
||||
</a>
|
||||
|
|
Reference in a new issue