authorFrederick Muriuki Muriithi2023-07-06 17:53:23 +0300
committerFrederick Muriuki Muriithi2023-07-06 17:53:23 +0300
commitedebea34ac6545909737ce9540e9d51858550873 (patch)
tree456202f969a856bf47b42f84aa8d878909c5f0d4
parentf52247c15f3694f3dd5fd0fd79c3e15376137e07 (diff)
downloadgenenetwork3-edebea34ac6545909737ce9540e9d51858550873.tar.gz
Provide the client_id as part of the post request.
-rw-r--r--gn3/auth/authentication/oauth2/views.py4
-rw-r--r--gn3/templates/oauth2/authorise-user.html3
2 files changed, 5 insertions, 2 deletions
diff --git a/gn3/auth/authentication/oauth2/views.py b/gn3/auth/authentication/oauth2/views.py
index 7ce45fd..2bd3865 100644
--- a/gn3/auth/authentication/oauth2/views.py
+++ b/gn3/auth/authentication/oauth2/views.py
@@ -36,7 +36,9 @@ def authorise():
"""Authorise a user"""
try:
server = app.config["OAUTH2_SERVER"]
- client_id = uuid.UUID(request.args.get("client_id", str(uuid.uuid4())))
+ client_id = uuid.UUID(request.args.get(
+ "client_id",
+ request.form.get("client_id", str(uuid.uuid4()))))
client = server.query_client(client_id)
if not bool(client):
flash("Invalid OAuth2 client.", "alert-error")
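Review bot: The new lookup in `authorise()` reads `client_id` from the query string first and only falls back to the form body, so on a POST a `client_id` in the URL silently overrides the hidden field the consent form submits, and the client validated here may not be the one carried in the body. Choosing the source by method keeps the checked value tied to what was actually posted: `params = request.form if request.method == "POST" else request.args` followed by `client_id = uuid.UUID(params.get("client_id", str(uuid.uuid4())))`. Separately, the `str(uuid.uuid4())` default turns a missing parameter into a lookup of a random id that reports "Invalid OAuth2 client."; an explicit missing-parameter error would be easier to diagnose and to alert on. The `try` block continues beyond this hunk, so how malformed UUIDs are handled and how the server object later reads `client_id` cannot be confirmed from here.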
diff --git a/gn3/templates/oauth2/authorise-user.html b/gn3/templates/oauth2/authorise-user.html
index 33c5b16..b9284e5 100644
--- a/gn3/templates/oauth2/authorise-user.html
+++ b/gn3/templates/oauth2/authorise-user.html
@@ -7,9 +7,10 @@
{%block content%}
{{flash_messages()}}
-<form method="POST" action="#">
+<form method="POST" action="{{url_for('oauth2.auth.authorise')}}">
<input type="hidden" name="response_type" value="{{response_type}}" />
<input type="hidden" name="scope" value="{{scope | join(' ')}}" />
+ <input type="hidden" name="client_id" value="{{client.client_id}}" />
<p>
You are authorising "{{client.client_metadata.client_name}}" to access
Genenetwork 3 with the following scope: