vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #432 from coreos-inc/oauthcheck

Browse source 
Build the OAuth redirect URL ourselves, rather than relying on undocumented Flask behavior
This commit is contained in:
josephschorr 2015-09-02 13:35:44 -04:00
commit 9889ca268a
3 changed files with 12 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
data/model/oauth.py
View file

@ -8,8 +8,9 @@ from oauth2lib import utils
from data.database import (OAuthApplication, OAuthAuthorizationCode, OAuthAccessToken, User,
AccessToken, random_string_generator)
from data.model import user
from data.model import user, config
from auth import scopes
from util import get_app_url
logger = logging.getLogger(__name__)
@ -45,7 +46,10 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):
return False
def validate_redirect_uri(self, client_id, redirect_uri):
if redirect_uri == url_for('web.oauth_local_handler', _external=True):
internal_redirect_url = '%s%s' % (get_app_url(config.app_config),
url_for('web.oauth_local_handler'))
if redirect_uri == internal_redirect_url:
return True
try: