From e92cf37583055dd495fda4f906a4b99c172e4fa1 Mon Sep 17 00:00:00 2001
From: Joseph Schorr
Date: Mon, 24 Mar 2014 18:30:22 -0400
Subject: [PATCH] Add cancel button to the oauth authorization page, add the org icon to said page, and fix some other minor bugs
---
data/model/oauth.py | 15 +++++++++++++++
endpoints/web.py | 21 +++++++++++++++++++++
static/css/quay.css | 4 ++++
templates/base.html | 2 +-
templates/oauthorize.html | 9 ++++++++-
5 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/data/model/oauth.py b/data/model/oauth.py
index b10bfa372..2e83019e4 100644
--- a/data/model/oauth.py
+++ b/data/model/oauth.py
@@ -122,6 +122,21 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):
 .get())
 found.delete_instance()
+
+ def get_auth_denied_response(self, response_type, client_id, redirect_uri, **params):
+ # Ensure proper response_type
+ if response_type != 'token':
+ err = 'unsupported_response_type'
+ return self._make_redirect_error_response(redirect_uri, err)
+
+ # Check redirect URI
+ is_valid_redirect_uri = self.validate_redirect_uri(client_id, redirect_uri)
+ if not is_valid_redirect_uri:
+ return self._invalid_redirect_uri_response()
+
+ return self._make_redirect_error_response(redirect_uri, 'authorization_denied')
+
+
 def get_token_response(self, response_type, client_id, redirect_uri, **params):
 # Ensure proper response_type
 if response_type != 'token':
diff --git a/endpoints/web.py b/endpoints/web.py
index b9d5726dc..6b9a3e2e0 100644
--- a/endpoints/web.py
+++ b/endpoints/web.py
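Review bot: In get_auth_denied_response the `response_type` check redirects to `redirect_uri` before `validate_redirect_uri(client_id, redirect_uri)` has run, so any caller passing a response type other than 'token' would be redirected to a request-supplied URI that was never checked against the client; run the redirect-URI check first so that `_invalid_redirect_uri_response()` is returned without redirecting. The only caller in this patch passes the literal 'token', so that branch is not reached today, and the trailing context lines suggest get_token_response (which continues outside the hunk) uses the same order. The error code `'authorization_denied'` is also not one RFC 6749 defines; clients look for `'access_denied'` when the user refuses, so the last line should be `return self._make_redirect_error_response(redirect_uri, 'access_denied')`.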
@@ -268,6 +268,27 @@ def authorize_application():
 return provider.get_token_response('token', client_id, redirect_uri, scope=scope)
+@web.route('/oauth/denyapp', methods=['POST'])
+def deny_application():
+ if not current_user.is_authenticated():
+ abort(401)
+ return
+
+ provider = FlaskAuthorizationProvider()
+ client_id = request.form.get('client_id', None)
+ redirect_uri = request.form.get('redirect_uri', None)
+ scope = request.form.get('scope', None)
+ csrf = request.form.get('csrf', None)
+
+ # Verify the csrf token.
+ if csrf != generate_csrf_token():
+ abort(404)
+ return
+
+ # Add the access token.
+ return provider.get_auth_denied_response('token', client_id, redirect_uri, scope=scope)
+
+
 @web.route('/oauth/authorize', methods=['GET'])
 @no_cache
 def request_authorization_code():
diff --git a/static/css/quay.css b/static/css/quay.css
index a03721505..6d461b6e7 100644
--- a/static/css/quay.css
+++ b/static/css/quay.css
@@ -3551,6 +3551,10 @@ pre.command:before {
 content: "\f0da" !important;
 }
+.auth-container .button-bar form {
+ display: inline-block;
+}
+
 .auth-container .button-bar {
 margin-top: 10px;
 padding-top: 10px;
diff --git a/templates/base.html b/templates/base.html
index 1e29026bd..9baba0e25 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -51,7 +51,7 @@
-
+
diff --git a/templates/oauthorize.html b/templates/oauthorize.html
index 2629d6a2e..d5bdfc027 100644
--- a/templates/oauthorize.html
+++ b/templates/oauthorize.html
@@ -16,7 +16,8 @@
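Review bot: The comment `# Add the access token.` above the final return in deny_application is wrong for this handler, which issues no token and only sends the client an error redirect; it looks carried over from the approve path, and `# Redirect back to the client with a denial error.` would describe what the line does. The CSRF mismatch answers `abort(404)`, which files a rejected cross-site POST under ordinary not-found responses in access logs; `abort(403)` reports it as what it is and gives monitoring something to alert on. The bare `return` after each `abort(...)` is unreachable because Flask's abort raises, so both can be dropped. The function has no docstring; one line stating that it expects an authenticated session, a valid `csrf` form field, and the `client_id`, `redirect_uri` and `scope` form fields would help the next reader.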

{{ application.name }}

- {{ application.organization.name }}
+
+ {{ application.organization.name }}

@@ -55,6 +56,12 @@
+
+
+
+
+
+