From edebea34ac6545909737ce9540e9d51858550873 Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Thu, 6 Jul 2023 17:53:23 +0300 Subject: Provide the client_id as part of the post request. --- gn3/auth/authentication/oauth2/views.py | 4 +++- gn3/templates/oauth2/authorise-user.html | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/gn3/auth/authentication/oauth2/views.py b/gn3/auth/authentication/oauth2/views.py index 7ce45fd..2bd3865 100644 --- a/gn3/auth/authentication/oauth2/views.py +++ b/gn3/auth/authentication/oauth2/views.py @@ -36,7 +36,9 @@ def authorise(): """Authorise a user""" try: server = app.config["OAUTH2_SERVER"] - client_id = uuid.UUID(request.args.get("client_id", str(uuid.uuid4()))) + client_id = uuid.UUID(request.args.get( + "client_id", + request.form.get("client_id", str(uuid.uuid4())))) client = server.query_client(client_id) if not bool(client): flash("Invalid OAuth2 client.", "alert-error") diff --git a/gn3/templates/oauth2/authorise-user.html b/gn3/templates/oauth2/authorise-user.html index 33c5b16..b9284e5 100644 --- a/gn3/templates/oauth2/authorise-user.html +++ b/gn3/templates/oauth2/authorise-user.html @@ -7,9 +7,10 @@ {%block content%} {{flash_messages()}} -
+ +

You are authorising "{{client.client_metadata.client_name}}" to access Genenetwork 3 with the following scope: -- cgit v1.2.3