habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

automatically add response_type if not given in OAuth Request

Browse Source
This commit is contained in:
Jens Langhammer
2019-04-17 14:25:51 +02:00
parent 2fa57d064e
commit 9072b836c6
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
passbook/oauth_provider/views/oauth2.py
View File

@ -36,6 +36,13 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
_application = None
def _inject_response_type(self):
"""Inject response_type into querystring if not set"""
LOGGER.debug("response_type not set, defaulting to 'code'")
querystring = urlencode(self.request.GET)
querystring += '&response_type=code'
return redirect(reverse('passbook_oauth_provider:oauth2-ok-authorize') + '?' + querystring)
def dispatch(self, request, *args, **kwargs):
"""Update OAuth2Provider's skip_authorization state"""
# Get client_id to get provider, so we can update skip_authorization field
@ -55,6 +62,9 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
for policy_meaage in policy_meaages:
messages.error(request, policy_meaage)
return redirect('passbook_oauth_provider:oauth2-permission-denied')
# Some clients don't pass response_type, so we default to code
if 'response_type' not in request.GET:
return self._inject_response_type()
actual_response = super().dispatch(request, *args, **kwargs)
if actual_response.status_code == 400:
LOGGER.debug(request.GET.get('redirect_uri'))