auth: Implement "Authorization Code Flow"auth/implement-authorization-code-flow

Implement the "Authorization Code Flow" for the authentication of users.

* gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and
  save the authorisation code.
* gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the
  `AuthorisationCode` model
* gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo
* gn3/auth/authentication/oauth2/server.py: Register the
  `AuthorisationCodeGrant` grant with the server.
* gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint
* gn3/templates/base.html: New HTML Templates of authorisation UI
* gn3/templates/common-macros.html: New HTML Templates of authorisation UI
* gn3/templates/oauth2/authorise-user.html: New HTML Templates of
  authorisation UI
* main.py: Allow both "code" and "token" response types.

1 files changed, 4 insertions, 3 deletions

diff --git a/main.py b/main.py
index 6890b33..3c4b146 100644
--- a/main.py
+++ b/main.py
@@ -74,10 +74,11 @@ def init_dev_clients():
             "token_endpoint_auth_method": [
                 "client_secret_post", "client_secret_basic"],
             "client_type": "confidential",
-            "grant_types": ["password", "authorisation_code", "refresh_token"],
+            "grant_types": ["password", "authorization_code", "refresh_token"],
             "default_redirect_uri": "http://localhost:5033/oauth2/code",
-            "redirect_uris": ["http://localhost:5033/oauth2/code"],
-            "response_type": "token", # choices: ["code", "token"]
+            "redirect_uris": ["http://localhost:5033/oauth2/code",
+                              "http://localhost:5033/oauth2/token"],
+            "response_type": ["code", "token"],
             "scope": ["profile", "group", "role", "resource", "register-client",
                       "user", "migrate-data", "introspect"]
         }),