diff options
| -rw-r--r-- | gn3/auth/authentication/oauth2/views.py | 4 | ||||
| -rw-r--r-- | gn3/templates/oauth2/authorise-user.html | 3 |
2 files changed, 5 insertions, 2 deletions
diff --git a/gn3/auth/authentication/oauth2/views.py b/gn3/auth/authentication/oauth2/views.py index 7ce45fd..2bd3865 100644 --- a/gn3/auth/authentication/oauth2/views.py +++ b/gn3/auth/authentication/oauth2/views.py @@ -36,7 +36,9 @@ def authorise(): """Authorise a user""" try: server = app.config["OAUTH2_SERVER"] - client_id = uuid.UUID(request.args.get("client_id", str(uuid.uuid4()))) + client_id = uuid.UUID(request.args.get( + "client_id", + request.form.get("client_id", str(uuid.uuid4())))) client = server.query_client(client_id) if not bool(client): flash("Invalid OAuth2 client.", "alert-error") diff --git a/gn3/templates/oauth2/authorise-user.html b/gn3/templates/oauth2/authorise-user.html index 33c5b16..b9284e5 100644 --- a/gn3/templates/oauth2/authorise-user.html +++ b/gn3/templates/oauth2/authorise-user.html @@ -7,9 +7,10 @@ {%block content%} {{flash_messages()}} -<form method="POST" action="#"> +<form method="POST" action="{{url_for('oauth2.auth.authorise')}}"> <input type="hidden" name="response_type" value="{{response_type}}" /> <input type="hidden" name="scope" value="{{scope | join(' ')}}" /> + <input type="hidden" name="client_id" value="{{client.client_id}}" /> <p> You are authorising "{{client.client_metadata.client_name}}" to access Genenetwork 3 with the following scope: |