audit: sanitize kwargs when creating audit event

2019-12-31 13:33:07 +01:00
parent 74b2b26a20
commit 766518ee0e
7 changed files with 46 additions and 9 deletions
--- a/passbook/providers/oauth/views/oauth2.py
+++ b/passbook/providers/oauth/views/oauth2.py
@ -82,8 +82,7 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
    def form_valid(self, form):
        # User has clicked on "Authorize"
        Event.new(
-            EventAction.AUTHORIZE_APPLICATION,
-            authorized_application=self._application.pk,
+            EventAction.AUTHORIZE_APPLICATION, authorized_application=self._application,
        ).from_http(self.request)
        LOGGER.debug(
            "User authorized Application",