Example #1
    def post(self):
        """Handle the user's decision on a client application's authorization request.

        The form posts 'grant' set to "true" to authorize the client, or to
        "false" to deny it. 'client_id', 'response_type', 'redirect_uri' and
        'scope' are read from the same request, so all of them are
        caller-supplied values until they are checked against stored data.

        Raises:
            tornado.web.HTTPError: 403 when 'client_id' matches no Client, or
                when the posted 'redirect_uri' differs from the one returned
                for that client.
        """
        # NOTE(review): no authentication or XSRF check is visible in this
        # method. Confirm the handler is protected elsewhere (for example by
        # tornado.web.authenticated and the xsrf_cookies setting); otherwise a
        # cross-site POST could approve a client on the user's behalf.
        # presumably tornado's RequestHandler.get_argument, which rejects a
        # request with a missing argument -- verify against the handler class.
        grant = self.get_argument("grant")
        client_id = self.get_argument("client_id")
        response_type = self.get_argument("response_type")
        redirect_uri = self.get_argument("redirect_uri")
        scope = self.get_argument("scope")
        # NOTE(review): response_type and scope are read but neither validated
        # nor used in the lines shown here -- confirm they are checked before
        # any authorization response is issued.
        # When the user approves, verify that the client id exists and then
        # record the relation between the user and the client.
        if grant == "true":
            try:
                # Look the client up; a missing client raises ObjectDoesNotExist.
                client = Client()
                exist = client.get(client_id=client_id)
                # Exact string comparison against the redirect_uri returned for
                # this client: a posted URI that differs in any way is refused,
                # so the request cannot point the response at another address.
                if exist['redirect_uri'] != redirect_uri:
                    # Mismatch: refuse with a 403.
                    raise tornado.web.HTTPError(403,"redirect uri problem")
            except ObjectDoesNotExist, e:
                # Unknown client id: refuse with a 403 as well.
                raise tornado.web.HTTPError(403,"the client id not correspond to any Client")

            # From here on 'grant' no longer holds the posted string; it is
            # rebound to a Grant object.
            grant = Grant()
            try:
                # Record the approval for the current user. is_already_authorized
                # presumably raises ObjectDoesNotExist when no grant exists yet
                # (the handler below then creates one) -- verify against Grant.
                # NOTE(review): the grant is stored per client_id and user only;
                # the requested scope is not passed along. The result of
                # get_current_user() is used without a None check.
                grant.is_already_authorized(client_id,self.get_current_user())
                grant.update(client_id,self.get_current_user())
            except ObjectDoesNotExist, e:
                # No existing grant for this user and client: create it.
                grant.add(client_id,self.get_current_user())