Beispiel #1
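def authorize(*args, **kwargs):
    """Handle an OAuth 2.0 authorization request for the current session.

    A Guest session is redirected to the login page with a ``redirect-to``
    that leads back to this endpoint. For a logged-in user the request is
    validated by the OAuth server; the user is then either redirected
    straight to the approve endpoint (consent skipped) or shown the
    Allow/Deny confirmation page.

    Consent is skipped only when the client has ``skip_authorization`` set,
    or when the provider setting is "Auto" and this user already holds an
    active bearer token for this same client.

    Returns:
        None once a redirect or the confirmation page has been set up; the
        caught ``FatalClientError`` / ``OAuth2Error`` instance when
        validation of the request fails.
    """
    # Fetch provider settings.
    oauth_settings = get_oauth_settings()
    params = get_urlparams_from_kwargs(kwargs)
    request_url = urlparse(frappe.request.url)
    # NOTE(review): scheme and host come from the incoming request URL, so this
    # absolute URL is only as trustworthy as the Host header handling in front
    # of the app - confirm the deployment pins it.
    success_url = (request_url.scheme + "://" + request_url.netloc
                   + "/api/method/frappe.integrations.oauth2.approve?" + params)
    # Built from the raw form value; it is only rendered further down, after
    # validate_authorization_request() has accepted the request.
    failure_url = (frappe.form_dict["redirect_uri"] or frappe.form_dict["cmd"]
                   or "") + "?error=access_denied"

    if frappe.session['user'] == 'Guest':
        # Force login, redirect to preauth again.
        frappe.local.response["type"] = "redirect"
        frappe.local.response["location"] = (
            "/login?redirect-to=/api/method/frappe.integrations.oauth2.authorize?"
            + quote(params.replace("+", " ")))
        return

    try:
        r = frappe.request
        uri = url_fix(r.url)

        scopes, frappe.flags.oauth_credentials = get_oauth_server(
        ).validate_authorization_request(uri, r.method, r.get_data(), r.headers)

        # Use the client id the OAuth server validated for every lookup below.
        client_id = frappe.flags.oauth_credentials['client_id']
        skip_auth = frappe.db.get_value("OAuth Client", client_id,
                                        "skip_authorization")
        # Prior consent means an active token issued to THIS user for THIS
        # client. The unscoped lookup matched every active token on the site,
        # so "Auto" skipped the consent screen for any client as soon as
        # anyone held a token.
        unrevoked_tokens = frappe.get_all(
            "OAuth Bearer Token",
            filters={
                "client": client_id,
                "user": frappe.session['user'],
                "status": "Active",
            })

        if skip_auth or (oauth_settings["skip_authorization"] == "Auto"
                         and unrevoked_tokens):
            frappe.local.response["type"] = "redirect"
            frappe.local.response["location"] = success_url
        else:
            # Show Allow/Deny screen.
            response_html_params = frappe._dict({
                "client_id": frappe.db.get_value("OAuth Client", client_id,
                                                 "app_name"),
                "success_url": success_url,
                "failure_url": failure_url,
                "details": scopes
            })
            resp_html = frappe.render_template(
                "templates/includes/oauth_confirmation.html",
                response_html_params)
            frappe.respond_as_web_page("Confirm Access", resp_html)

    except (FatalClientError, OAuth2Error) as e:
        # NOTE(review): the exception object itself is returned to the caller;
        # confirm how it is serialised and what detail reaches the client.
        return e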
Beispiel #2
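def authorize(**kwargs):
	"""Handle an OAuth 2.0 authorization request for the current session.

	A Guest session is redirected to ``/login`` with the current request URL
	as ``redirect-to``. For a logged-in user the request is validated by the
	OAuth server; the user is then either redirected straight to the approve
	endpoint (consent skipped) or shown the Allow/Deny confirmation page.

	Consent is skipped only when the client has ``skip_authorization`` set,
	or when the provider setting is "Auto" and this user already holds an
	active bearer token for this same client.

	Returns:
		None once a redirect or the confirmation page has been set up; the
		result of ``generate_json_error_response`` when validation fails.
	"""
	success_url = "/api/method/frappe.integrations.oauth2.approve?" + encode_params(
		sanitize_kwargs(kwargs)
	)
	# Built from the raw form value; it is only rendered further down, after
	# validate_authorization_request() has accepted the request.
	failure_url = frappe.form_dict["redirect_uri"] + "?error=access_denied"

	if frappe.session.user == "Guest":
		# Force login, redirect to preauth again.
		frappe.local.response["type"] = "redirect"
		frappe.local.response["location"] = "/login?" + encode_params(
			{"redirect-to": frappe.request.url}
		)
		return

	try:
		r = frappe.request
		(
			scopes,
			frappe.flags.oauth_credentials,
		) = get_oauth_server().validate_authorization_request(
			r.url, r.method, r.get_data(), r.headers
		)

		# Use the client id the OAuth server validated for every lookup below.
		client_id = frappe.flags.oauth_credentials["client_id"]
		skip_auth = frappe.db.get_value("OAuth Client", client_id, "skip_authorization")
		# Prior consent means an active token issued to THIS user for THIS
		# client. The unscoped lookup matched every active token on the site,
		# so "Auto" skipped the consent screen for any client as soon as
		# anyone held a token.
		unrevoked_tokens = frappe.get_all(
			"OAuth Bearer Token",
			filters={
				"client": client_id,
				"user": frappe.session.user,
				"status": "Active",
			},
		)

		if skip_auth or (
			get_oauth_settings().skip_authorization == "Auto" and unrevoked_tokens
		):
			frappe.local.response["type"] = "redirect"
			frappe.local.response["location"] = success_url
		else:
			# Show Allow/Deny screen.
			response_html_params = frappe._dict(
				{
					"client_id": frappe.db.get_value("OAuth Client", client_id, "app_name"),
					"success_url": success_url,
					"failure_url": failure_url,
					"details": scopes,
				}
			)
			resp_html = frappe.render_template(
				"templates/includes/oauth_confirmation.html", response_html_params
			)
			frappe.respond_as_web_page("Confirm Access", resp_html)
	except (FatalClientError, OAuth2Error) as e:
		return generate_json_error_response(e)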
Beispiel #3
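def authorize(*args, **kwargs):
	"""Handle an OAuth 2.0 authorization request for the current session.

	A Guest session is redirected to the login page with a ``redirect-to``
	that leads back to this endpoint. For a logged-in user the request is
	validated by ``oauth_server``; the user is then either redirected
	straight to the approve endpoint (consent skipped) or shown the
	Allow/Deny confirmation page.

	Consent is skipped only when the client has ``skip_authorization`` set,
	or when the provider setting is "Auto" and this user already holds an
	active bearer token for this same client.

	Returns:
		None once a redirect or the confirmation page has been set up; the
		caught ``FatalClientError`` / ``OAuth2Error`` instance when
		validation of the request fails.
	"""
	# Fetch provider settings.
	oauth_settings = get_oauth_settings()
	params = get_urlparams_from_kwargs(kwargs)
	request_url = urlparse(frappe.request.url)
	# NOTE(review): scheme and host come from the incoming request URL, so this
	# absolute URL is only as trustworthy as the Host header handling in front
	# of the app - confirm the deployment pins it.
	success_url = (
		request_url.scheme + "://" + request_url.netloc
		+ "/api/method/frappe.integration_broker.oauth2.approve?" + params
	)
	# Built from the raw form value; it is only rendered further down, after
	# validate_authorization_request() has accepted the request.
	failure_url = frappe.form_dict["redirect_uri"] + "?error=access_denied"

	if frappe.session['user'] == 'Guest':
		# Force login, redirect to preauth again.
		frappe.local.response["type"] = "redirect"
		frappe.local.response["location"] = (
			"/login?redirect-to=/api/method/frappe.integration_broker.oauth2.authorize?"
			+ quote(params)
		)
		return

	try:
		r = frappe.request
		scopes, credentials = oauth_server.validate_authorization_request(
			r.url, r.method, r.get_data(), r.headers
		)

		# Use the client id the OAuth server validated for every lookup below.
		client_id = credentials['client_id']
		skip_auth = frappe.db.get_value("OAuth Client", client_id, "skip_authorization")
		# Prior consent means an active token issued to THIS user for THIS
		# client. The unscoped lookup matched every active token on the site,
		# so "Auto" skipped the consent screen for any client as soon as
		# anyone held a token.
		unrevoked_tokens = frappe.get_all("OAuth Bearer Token", filters={
			"client": client_id,
			"user": frappe.session['user'],
			"status": "Active",
		})

		if skip_auth or (oauth_settings["skip_authorization"] == "Auto" and unrevoked_tokens):
			frappe.local.response["type"] = "redirect"
			frappe.local.response["location"] = success_url
		else:
			# Show Allow/Deny screen.
			response_html_params = frappe._dict({
				"client_id": frappe.db.get_value("OAuth Client", client_id, "app_name"),
				"success_url": success_url,
				"failure_url": failure_url,
				"details": scopes
			})
			resp_html = frappe.render_template("templates/includes/oauth_confirmation.html", response_html_params)
			frappe.respond_as_web_page("Confirm Access", resp_html)

	except (FatalClientError, OAuth2Error) as e:
		# NOTE(review): the exception object itself is returned to the caller;
		# confirm how it is serialised and what detail reaches the client.
		return e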