def validate_client_redirect_uri(client_id, redirect_uri): client = db_client.get(client_id) if client is None or isinstance(redirect_uri, six.string_types) is False: return False else: return client["redirect_uri"] == redirect_uri.split('?')[0]
def authorize_prompt(): """OAuth 2.0 authorization endpoint.""" response_type = request.args.get('response_type') client_id = request.args.get('client_id') redirect_uri = request.args.get('redirect_uri') scope = request.args.get('scope') state = request.args.get('state') if request.method == 'GET': # Client requests access oauth_provider.validate_authorization_request(client_id, response_type, redirect_uri, scope) client = db_client.get(client_id) return render_template('oauth/prompt.html', client=client, scope=scope, cancel_url=build_url( redirect_uri, dict(error='access_denied')), hide_navbar_links=True, hide_footer=True) if request.method == 'POST': # User grants access to the client oauth_provider.validate_authorization_request(client_id, response_type, redirect_uri, scope) code = oauth_provider.generate_grant(client_id, current_user.id, redirect_uri, scope) return redirect(build_url(redirect_uri, dict(code=code, state=state)))
def authorize_prompt(): """OAuth 2.0 authorization endpoint.""" response_type = request.args.get('response_type') client_id = request.args.get('client_id') redirect_uri = request.args.get('redirect_uri') scope = request.args.get('scope') state = request.args.get('state') if request.method == 'GET': # Client requests access oauth_provider.validate_authorization_request(client_id, response_type, redirect_uri, scope) client = db_client.get(client_id) return render_template('oauth/prompt.html', client=client, scope=scope, cancel_url=build_url(redirect_uri, dict(error='access_denied')), hide_navbar_links=True, hide_footer=True) if request.method == 'POST': # User grants access to the client oauth_provider.validate_authorization_request(client_id, response_type, redirect_uri, scope) code = oauth_provider.generate_grant(client_id, current_user.id, redirect_uri, scope) return redirect(build_url(redirect_uri, dict(code=code, state=state)))
def validate_client_secret(client_id, client_secret): client = db_client.get(client_id) if client is None: return False else: return client["client_secret"] == client_secret
def validate_client_id(client_id): if not client_id: return False return db_client.get(client_id) is not None