Merge branch 'koh'

Conflicts: auth/scopes.py requirements-nover.txt requirements.txt static/css/quay.css static/directives/namespace-selector.html static/js/app.js static/partials/manage-application.html templates/oauthorize.html
2014-12-01 12:30:09 -08:00 · 2014-12-01 12:30:09 -08:00 · f3259c862b
commit f3259c862b
parent 5cb36fe053 8591889c62
57 changed files with 537 additions and 141 deletions
--- a/data/model/oauth.py
+++ b/data/model/oauth.py
@ -9,6 +9,7 @@ from data.database import (OAuthApplication, OAuthAuthorizationCode, OAuthAccess
                           random_string_generator)
 from data.model.legacy import get_user
 from auth import scopes
+from flask import render_template


 logger = logging.getLogger(__name__)
@ -154,6 +155,7 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):


  def get_token_response(self, response_type, client_id, redirect_uri, **params):
+
    # Ensure proper response_type
    if response_type != 'token':
      err = 'unsupported_response_type'
@ -161,7 +163,7 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):

    # Check redirect URI
    is_valid_redirect_uri = self.validate_redirect_uri(client_id, redirect_uri)
-    if not is_valid_redirect_uri:
+    if redirect_uri != 'display' and not is_valid_redirect_uri:
      return self._invalid_redirect_uri_response()

    # Check conditions
@ -196,6 +198,10 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):
    url = utils.build_url(redirect_uri, params)
    url += '#access_token=%s&token_type=%s&expires_in=%s' % (access_token, token_type, expires_in)

+    if redirect_uri == 'display':
+      return self._make_response(
+        render_template("message.html", message="Access Token: " + access_token))
+
    return self._make_response(headers={'Location': url}, status_code=302)