def handle_scope_response(request):
authorization_request = get_object_or_404(AuthorizationRequest, key=request.POST.get('authorization_request_key'))
form = ScopeForm(authorization_request, data=request.POST)
if form.is_valid():
status = form.cleaned_data.get('status')
scope = form.cleaned_data.get('scope')
if status == STATUS_GRANT:
return authorization_grant_response(authorization_request, request.user, scope)
return authorization_deny_response(authorization_request)
return generate_scope_page(request, form, authorization_request)
def test(self):
redirect_uri = 'http://www.google.fr'
c = Client.objects.create(
key='test',
name='test client',
authorized_reponse_types=appconsts.RESPONSE_TYPES
)
r = AuthorizationRequest.objects.create(
response_type=appconsts.RESPONSE_TYPE_TOKEN,
client=c,
redirect_uri=redirect_uri,
)
response = authorization_deny_response(r)
self.assertAuthorizeError(
response,
redirect_uri=redirect_uri,
error='access_denied',
)
