Add cancel button to the oauth authorization page, add the org icon to said page, and fix some other minor bugs
This commit is contained in:
Joseph Schorr
parent
acac2a7fa7
commit
e92cf37583
5 changed files with 49 additions and 2 deletions
|
|
@ -268,6 +268,27 @@ def authorize_application():
|
|||
return provider.get_token_response('token', client_id, redirect_uri, scope=scope)
|
||||
|
||||
|
||||
@web.route('/oauth/denyapp', methods=['POST'])
|
||||
def deny_application():
|
||||
if not current_user.is_authenticated():
|
||||
abort(401)
|
||||
return
|
||||
|
||||
provider = FlaskAuthorizationProvider()
|
||||
client_id = request.form.get('client_id', None)
|
||||
redirect_uri = request.form.get('redirect_uri', None)
|
||||
scope = request.form.get('scope', None)
|
||||
csrf = request.form.get('csrf', None)
|
||||
|
||||
# Verify the csrf token.
|
||||
if csrf != generate_csrf_token():
|
||||
abort(404)
|
||||
return
|
||||
|
||||
# Add the access token.
|
||||
return provider.get_auth_denied_response('token', client_id, redirect_uri, scope=scope)
|
||||
|
||||
|
||||
@web.route('/oauth/authorize', methods=['GET'])
|
||||
@no_cache
|
||||
def request_authorization_code():
|
||||
|
|
|
|||
Reference in a new issue