Add cancel button to the oauth authorization page, add the org icon to said page, and fix some other minor bugs

data/model/oauth.py

@@ -122,6 +122,21 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):
       .get())
     found.delete_instance()
 
+
+  def get_auth_denied_response(self, response_type, client_id, redirect_uri, **params):
+    # Ensure proper response_type
+    if response_type != 'token':
+      err = 'unsupported_response_type'
+      return self._make_redirect_error_response(redirect_uri, err)
+
+    # Check redirect URI
+    is_valid_redirect_uri = self.validate_redirect_uri(client_id, redirect_uri)
+    if not is_valid_redirect_uri:
+      return self._invalid_redirect_uri_response()
+
+    return self._make_redirect_error_response(redirect_uri, 'authorization_denied')
+
+
   def get_token_response(self, response_type, client_id, redirect_uri, **params):
     # Ensure proper response_type
     if response_type != 'token':

endpoints/web.py

@@ -268,6 +268,27 @@ def authorize_application():
   return provider.get_token_response('token', client_id, redirect_uri, scope=scope)
 
 
+@web.route('/oauth/denyapp', methods=['POST'])
+def deny_application():
+  if not current_user.is_authenticated():
+    abort(401)
+    return
+
+  provider = FlaskAuthorizationProvider()
+  client_id = request.form.get('client_id', None)
+  redirect_uri = request.form.get('redirect_uri', None)
+  scope = request.form.get('scope', None)
+  csrf = request.form.get('csrf', None)
+
+  # Verify the csrf token.
+  if csrf != generate_csrf_token():
+    abort(404)
+    return
+
+  # Add the access token.
+  return provider.get_auth_denied_response('token', client_id, redirect_uri, scope=scope)
+
+
 @web.route('/oauth/authorize', methods=['GET'])
 @no_cache
 def request_authorization_code():

static/css/quay.css

@@ -3551,6 +3551,10 @@ pre.command:before {
   content: "\f0da" !important;
 }
 
+.auth-container .button-bar form {
+  display: inline-block;
+}
+
 .auth-container .button-bar {
   margin-top: 10px;
   padding-top: 10px;

templates/base.html

@@ -51,7 +51,7 @@
 
     <script src="/static/lib/loading-bar.js"></script>
     <script src="/static/lib/angular-strap.min.js"></script>
-    <script src="static/lib/angular-strap.tpl.min.js"></script>
+    <script src="/static/lib/angular-strap.tpl.min.js"></script>
     <script src="/static/lib/angulartics.js"></script>
     <script src="/static/lib/angulartics-mixpanel.js"></script>
     <script src="/static/lib/angulartics-google-analytics.js"></script>

templates/oauthorize.html

@@ -16,7 +16,8 @@
       <img src="//www.gravatar.com/avatar/{{ application.gravatar }}?s=48&d=identicon">
       <h2><a href="{{ application.url }}" target="_blank">{{ application.name }}</a></h2>
       <h4>
-         {{ application.organization.name }}
+        <img src="//www.gravatar.com/avatar/{{ application.organization.gravatar }}?s=24&d=identicon" style="vertical-align: middle; margin-right: 4px;"> 
+        <span style="vertical-align: middle">{{ application.organization.name }}</span>
       </h4>
     </div>
 
@@ -55,6 +56,12 @@
         <input type="hidden" name="scope" value="{{ scope }}">
         <input type="hidden" name="csrf" value="{{ csrf_token_val }}">
         <button type="submit" class="btn btn-success">Authorize Application</button>
+      </form><form method="post" action="/oauth/denyapp">
+        <input type="hidden" name="client_id" value="{{ client_id }}">
+        <input type="hidden" name="redirect_uri" value="{{ redirect_uri }}">
+        <input type="hidden" name="scope" value="{{ scope }}">
+        <input type="hidden" name="csrf" value="{{ csrf_token_val }}">
+        <button type="submit" class="btn btn-default">Cancel</button>
       </form>
     </div>
   </div>