def _authorize(handler, *args, **kwargs):
    """Drive one step of the OAuth2 authorization flow for ``handler``.

    ``_post`` or ``_get`` is chosen from the request method and its result
    is mapped onto a redirect: any OAuth2 error becomes an error redirect,
    a non-bool result is passed through untouched, ``False`` is treated as
    the user denying access, and ``True`` continues to
    ``confirm_authorization_request``.

    NOTE(review): ``self`` and ``log`` are not parameters of this
    module-level function; they have to be bound in an enclosing scope
    for it to run — confirm.
    """
    redirect_uri = handler.get_argument('redirect_uri', None)
    try:
        if handler.request.method == 'POST':
            outcome = _post(handler, *args, **kwargs)
        else:
            outcome = _get(handler, *args, **kwargs)
    except FatalClientError as e:
        # A fatal client error is never redirected to the client-supplied
        # URI; only the configured error page receives it.
        log.debug('Fatal client error %r', e)
        return handler.redirect(e.in_uri(self.error_uri))
    except OAuth2Error as e:
        # Non-fatal errors go back to the requested redirect_uri when one
        # was given, otherwise to the error page.
        log.debug('OAuth2Error: %r', e)
        return handler.redirect(e.in_uri(redirect_uri or self.error_uri))
    except Exception as e:
        # Anything unexpected is reported to the client only as 'unknown';
        # the details stay in the server log.
        log.warn('Exception: %r', e)
        return handler.redirect(
            add_params_to_uri(self.error_uri, {'error': 'unknown'}))

    if not isinstance(outcome, bool):
        # _get/_post already built a response or redirect; hand it through.
        return outcome
    if not outcome:
        # The user declined; answer with the standard access_denied redirect.
        # NOTE(review): redirect_uri is taken straight from the request, so
        # this relies on _get/_post having validated it first — confirm.
        return handler.redirect(AccessDeniedError().in_uri(redirect_uri))
    return self.confirm_authorization_request(handler)
def _authorize(handler, *args, **kwargs):
    """Handle the authorization request carried by ``handler``.

    Runs ``_post`` for POST requests and ``_get`` otherwise, then turns the
    outcome into a redirect: OAuth2 errors are redirected (fatal ones only
    to the error page), a ready-made response is returned as is, a denial
    by the user yields an ``AccessDeniedError`` redirect, and approval is
    completed by ``confirm_authorization_request``.

    NOTE(review): ``self`` and ``log`` are free names here, not parameters;
    confirm they are bound where this function is defined.
    """
    redirect_uri = handler.get_argument('redirect_uri', None)
    try:
        is_post = handler.request.method == 'POST'
        step = _post if is_post else _get
        result = step(handler, *args, **kwargs)
    except FatalClientError as e:
        log.debug('Fatal client error %r', e)
        # Fatal errors never reach the client-supplied redirect_uri.
        target = e.in_uri(self.error_uri)
        return handler.redirect(target)
    except OAuth2Error as e:
        log.debug('OAuth2Error: %r', e)
        target = e.in_uri(redirect_uri or self.error_uri)
        return handler.redirect(target)
    except Exception as e:
        log.warn('Exception: %r', e)
        # Only a generic 'unknown' marker leaves the server for other failures.
        target = add_params_to_uri(self.error_uri, {'error': 'unknown'})
        return handler.redirect(target)

    # A non-bool result is a response/redirect produced by the step itself.
    if not isinstance(result, bool):
        return result
    if result:
        return self.confirm_authorization_request(handler)
    # Denied by the user.
    # NOTE(review): redirect_uri comes unvalidated from the request at this
    # point; the step functions are expected to have checked it — confirm.
    denial = AccessDeniedError()
    return handler.redirect(denial.in_uri(redirect_uri))
def post(self):
    """Process the consent form submitted to the authorization endpoint.

    A ``submit`` asks the OAuth2 server for the authorization response and
    records the grant as an ``AuthorizedApplication`` row (created if the
    user has none for this application, otherwise updated in place).  A
    ``cancel`` answers the client with an ``access_denied`` redirect.

    NOTE(review): a POST carrying neither ``submit`` nor ``cancel`` falls
    off the end and returns ``None`` — confirm the framework handles that.
    """
    uri, http_method, body, headers = extract_params(self.request)
    form = self.request.POST
    redirect_uri = form.get('redirect_uri')

    if 'submit' in form:
        scopes = form.get('scope', '').split()
        credentials = {
            'client_id': form.get('client_id'),
            'redirect_uri': redirect_uri,
            'response_type': form.get('response_type'),
            'state': form.get('state'),
            'user': self.request.user,
        }
        try:
            server_response = self.server.create_authorization_response(
                uri, http_method, body, headers, scopes, credentials,
            )
            # NOTE(review): only FatalClientError is caught in this block; a
            # missing Application (NoResultFound) from this lookup propagates
            # to the caller — confirm that is intended.
            app = Session.query(Application).filter(
                Application.id == credentials['client_id'],
            ).one()
            try:
                auth_app = Session.query(AuthorizedApplication).filter(
                    AuthorizedApplication.user == self.request.user,
                    AuthorizedApplication.application == app,
                ).one()
            except NoResultFound:
                auth_app = AuthorizedApplication(
                    user=self.request.user,
                    application=app,
                )
            # The stored grant mirrors the submitted form values; the
            # server call above is what is relied on to have validated them.
            auth_app.redirect_uri = credentials['redirect_uri']
            auth_app.response_type = credentials['response_type']
            auth_app.scope = scopes
            Session.add(auth_app)
            return create_response(*server_response)
        except FatalClientError as e:
            return response_from_error(e)

    elif 'cancel' in form:
        # NOTE(review): redirect_uri is used here without validation; this
        # relies on the form only being rendered for an accepted URI — confirm.
        denial = AccessDeniedError()
        return HTTPFound(denial.in_uri(redirect_uri))