Esempio n. 1
 def validate_client_redirect_uri(client_id, redirect_uri):
     """Check a redirect URI against the one registered for the client.

     Only the part of ``redirect_uri`` before the first ``?`` is compared,
     by exact string equality, with the client's stored ``redirect_uri``.
     Any query string on the supplied value is therefore ignored, and no
     other normalisation (fragment, case, trailing slash) is applied.

     Returns ``False`` when the client is unknown or ``redirect_uri`` is
     not a string.
     """
     registered_client = db_client.get(client_id)
     if registered_client is None:
         return False
     # A missing parameter arrives as a non-string; reject it before
     # calling string methods on it.
     if not isinstance(redirect_uri, six.string_types):
         return False
     base_uri = redirect_uri.split('?')[0]
     return registered_client["redirect_uri"] == base_uri
Esempio n. 2
def authorize_prompt():
    """OAuth 2.0 authorization endpoint.

    GET renders the consent prompt for the requesting client. POST issues a
    grant code for the current user and redirects back to the client with
    ``code`` and ``state``. On both methods every OAuth parameter is read
    from the query string (``request.args``).
    """
    params = request.args
    response_type = params.get('response_type')
    client_id = params.get('client_id')
    redirect_uri = params.get('redirect_uri')
    scope = params.get('scope')
    state = params.get('state')

    method = request.method

    if method == 'GET':  # Client requests access
        # The return value is ignored, so this call presumably raises on an
        # invalid request -- confirm. Everything below (cancel link, final
        # redirect) trusts redirect_uri only because of this check.
        oauth_provider.validate_authorization_request(
            client_id, response_type, redirect_uri, scope)
        client = db_client.get(client_id)
        cancel_url = build_url(redirect_uri, {'error': 'access_denied'})
        return render_template(
            'oauth/prompt.html',
            client=client,
            scope=scope,
            cancel_url=cancel_url,
            hide_navbar_links=True,
            hide_footer=True,
        )

    if method == 'POST':  # User grants access to the client
        # NOTE(review): no CSRF check is visible in this function; confirm
        # the approval POST is protected elsewhere (form token, middleware).
        # Re-validate: the parameters come from the request again and are
        # not carried over from the GET.
        oauth_provider.validate_authorization_request(
            client_id, response_type, redirect_uri, scope)
        code = oauth_provider.generate_grant(
            client_id, current_user.id, redirect_uri, scope)
        # state is echoed back unchanged so the client can match the
        # response to its request.
        target = build_url(redirect_uri, {'code': code, 'state': state})
        return redirect(target)
Esempio n. 3
def authorize_prompt():
    """OAuth 2.0 authorization endpoint.

    A GET shows the consent page for the client named in the query string;
    a POST creates a grant for ``current_user`` and sends the browser back
    to the client's redirect URI with the grant ``code`` and the ``state``.
    """
    query = request.args
    response_type, client_id, redirect_uri, scope, state = (
        query.get('response_type'),
        query.get('client_id'),
        query.get('redirect_uri'),
        query.get('scope'),
        query.get('state'),
    )

    http_method = request.method

    if http_method == 'GET':  # Client requests access
        # Result is discarded; presumably an invalid client, response type,
        # redirect URI or scope raises here -- confirm. redirect_uri is used
        # below only on the strength of this check.
        oauth_provider.validate_authorization_request(
            client_id, response_type, redirect_uri, scope)
        requesting_client = db_client.get(client_id)
        deny_link = build_url(redirect_uri, {'error': 'access_denied'})
        return render_template('oauth/prompt.html',
                               client=requesting_client,
                               scope=scope,
                               cancel_url=deny_link,
                               hide_navbar_links=True,
                               hide_footer=True)

    if http_method == 'POST':  # User grants access to the client
        # NOTE(review): CSRF protection for this approval is not visible
        # here; confirm it is enforced by the framework or the form.
        # Validation is repeated because the parameters are re-read from
        # the request rather than remembered from the GET.
        oauth_provider.validate_authorization_request(
            client_id, response_type, redirect_uri, scope)
        grant_code = oauth_provider.generate_grant(
            client_id, current_user.id, redirect_uri, scope)
        return redirect(
            build_url(redirect_uri, {'code': grant_code, 'state': state}))
Esempio n. 4
 def validate_client_redirect_uri(client_id, redirect_uri):
     """Return whether ``redirect_uri`` matches the client's registered URI.

     The supplied value is cut at its first ``?`` and the remainder must
     equal the stored ``redirect_uri`` exactly; a query string is ignored
     and nothing else is normalised. Unknown clients and non-string values
     yield ``False``.
     """
     client = db_client.get(client_id)
     usable = (client is not None
               and isinstance(redirect_uri, six.string_types))
     if not usable:
         return False
     # Compare only the portion before the query string.
     without_query = redirect_uri.split('?')[0]
     return client["redirect_uri"] == without_query
Esempio n. 5
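 def validate_client_secret(client_id, client_secret):
     """Check a presented client secret against the stored one.

     The comparison uses ``hmac.compare_digest`` so its duration does not
     depend on how many leading characters of a guess are correct; a plain
     ``==`` stops at the first differing character.

     Returns ``False`` when the client is unknown, when either secret is
     missing or not a string, and when the secrets differ.
     """
     import hmac

     client = db_client.get(client_id)
     if client is None:
         return False

     # NOTE(review): the stored value is compared directly with the
     # presented secret, so it appears to be kept unhashed -- confirm.
     stored_secret = client["client_secret"]
     try:
         # compare_digest needs two byte strings; text is encoded first so
         # non-ASCII secrets do not raise.
         stored_bytes = (stored_secret if isinstance(stored_secret, bytes)
                         else stored_secret.encode("utf-8"))
         presented_bytes = (client_secret if isinstance(client_secret, bytes)
                            else client_secret.encode("utf-8"))
     except (AttributeError, UnicodeError):
         # A missing (None) or non-string secret never authenticates, even
         # if the stored value is missing too.
         return False
     return hmac.compare_digest(stored_bytes, presented_bytes)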
Esempio n. 6
 def validate_client_id(client_id):
     """Tell whether ``client_id`` names a registered client.

     Falsy ids (``None``, empty string) are rejected without a lookup;
     otherwise the client must exist in ``db_client``.
     """
     return bool(client_id) and db_client.get(client_id) is not None
Esempio n. 7
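 def validate_client_secret(client_id, client_secret):
     """Check a presented client secret against the stored one.

     Uses ``hmac.compare_digest`` instead of ``==`` so that the comparison
     time does not reveal how much of a guessed secret is correct.

     Returns ``False`` for an unknown client, for a missing or non-string
     secret on either side, and for a mismatch.
     """
     import hmac

     client = db_client.get(client_id)
     if client is None:
         return False

     # NOTE(review): the presented secret is matched against the stored
     # value as-is, which suggests secrets are stored unhashed -- confirm.
     stored_secret = client["client_secret"]
     try:
         # Encode text to bytes: compare_digest rejects mixed types and
         # non-ASCII text.
         stored_bytes = (stored_secret if isinstance(stored_secret, bytes)
                         else stored_secret.encode("utf-8"))
         presented_bytes = (client_secret if isinstance(client_secret, bytes)
                            else client_secret.encode("utf-8"))
     except (AttributeError, UnicodeError):
         # None or a non-string value must never authenticate, including
         # the case where both sides are None.
         return False
     return hmac.compare_digest(stored_bytes, presented_bytes)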
Esempio n. 8
 def validate_client_id(client_id):
     """Return ``True`` only if ``client_id`` is non-empty and registered.

     An empty or ``None`` id short-circuits to ``False`` before
     ``db_client`` is queried.
     """
     if client_id:
         known_client = db_client.get(client_id)
         return known_client is not None
     return False